Role: DevOps Engineer — Infrastructure & Security
Location: Charlotte, NC (Hybrid, atleast 2 days onsite)
About the Role
We're looking for a DevOps Engineer who can help lead our infrastructure-as-code and CICD deliverables for the client project and raise the bar on security across the program. You'll design and maintain Terraform modules consumed by multiple teams, build secure CI/CD pipelines, and ensure every provisioned resource follows least-privilege principles. You'll work within HCP Terraform using VCS-driven workflows and help shape how the team adopts AI-assisted development tooling responsibly.
## What You'll Do
- Design, build, and maintain reusable Terraform modules with clear interfaces, versioning, and documentation so other teams can self-serve infrastructure safely
- Manage and optimize HCP Terraform workspaces using VCS-driven workflows — including workspace design, variable sets, run triggers, and policy enforcement
- Provision and manage cloud resources (primarily AWS) following least-privilege access patterns and security best practices
- Manage secrets and sensitive configuration using HashiCorp Vault and/or AWS Secrets Manager
- Build and maintain CI/CD pipelines (GitHub Actions) with proper gating, scanning, testing, and promotion workflows that integrate with HCP Terraform's VCS-driven run model
- Conduct security reviews of infrastructure code and pipeline configurations
## What You Bring
- 5+ years of hands-on Terraform experience, including writing modules with proper state management, remote backends, and provider configuration
- Hands-on Experience with HCP Terraform (Terraform Cloud), specifically VCS-driven workflows — workspace configuration, speculative plans on PRs, run approvals, and managing workspace variables/variable sets
- Experience with HCP Terraform's private registry for publishing and consuming internal modules
- Strong understanding of AWS IAM — policies, roles, trust relationships, permission boundaries, and service control policies
- Hands-on Experience with at least one secrets management platform: HashiCorp Vault or AWS Secrets Manager
- Solid understanding of OIDC and federated identity — how trust is established, token exchange, and practical application in CI/CD and cloud access
- Proven experience building and maintaining CI/CD pipelines in GitHub Actions or GitLab CI/CD, including environment promotion, approval gates, and artifact management
- Security-first mindset — you default to deny, scope permissions tightly, and can articulate why
- Hands-on Experience using AI coding assistants (Amazon Q, Kiro, GitHub Copilot, or similar) with a clear understanding of when to trust, verify, and override AI-generated output
- Commitment to human-in-the-loop practices: code review, manual approval gates for production, and treating AI output as a draft — never as the final word
### Nice to Have
- Experience with Sentinel within HCP Terraform
- Knowledge of infrastructure testing tools
- Contributions to internal developer platforms or self-service infrastructure tooling
## How We Work
- Infrastructure changes are driven through VCS — a push or PR triggers speculative plans and runs in HCP Terraform, with peer review required before apply
- AI tools accelerate our work, but every change is reviewed by a human before merging
- We treat security as a shared responsibility, not a gate at the end
- We document architectural decisions and keep runbooks current
- We prefer simple, maintainable solutions over clever ones
La Comunidad Cognizant:
Somos un equipo que se aprecia y apoya mutuamente. Nuestros asociados trabajan en un entorno colaborativo e integrador en el que todos pueden prosperar.
- Cognizant es una comunidad global con más de 300.000+ asociados en todo el mundo.
- No solo soñamos con un mundo mejor, sino que trabajamos para hacerlo realidad.
- Cuidamos de nuestros asociados, clientes, socios, comunidades y entorno haciendo lo correcto.
- Fomentamos un entorno innovador en el que puedes desarrollar tu carrera profesional.
Acerca de nosotros
Cognizant (NASDAQ: CTSH) es arquitecto de soluciones de IA y proveedor de servicios tecnológicos que traduce la inversión en inteligencia artificial en valor empresarial real mediante soluciones de IA de stack completo adaptadas a cada cliente. Su profundo conocimiento de la industria, los procesos y la ingeniería le permite integrar el contexto único de cada organización en sistemas tecnológicos que amplifican el potencial humano, generan un impacto real en el negocio y mantienen a las grandes empresas globales un paso adelante en un mundo en constante cambio. Para más información, visita www.cognizant.es o síguenos en @cognizant.
Cognizant es un empleador que ofrece igualdad de oportunidades. Tu solicitud y candidatura no serán consideradas en base a raza, color, sexo, religión, credo, orientación sexual, identidad de género, origen nacional, discapacidad, información genética, embarazo, condición de veterano o cualquier otra característica protegida por las leyes federales, estatales o locales.
Advertencia:
La información sobre remuneración es exacta a la fecha de esta publicación. Cognizant se reserva el derecho a modificar esta información en cualquier momento, sujeto a la legislación aplicable.Es posible que los candidatos deban asistir a entrevistas en persona o por videoconferencia e, incluso, que tengan presentar su documento de identidad vigente, durante cada entrevista.