[Remote] Devops Infrastructure/Cloud Engineer
Note: The job is a remote job and is open to candidates in USA. BayOne Solutions is seeking a DevOps Infrastructure/Cloud Engineer to manage and improve cloud infrastructure across AWS and GCP. The role involves converting provisioning scripts into Terraform, streamlining deployment workflows, and ensuring infrastructure consistency across environments.ResponsibilitiesManage and improve cloud infrastructure across AWS and GCPConvert existing manual provisioning scripts into TerraformMigrate AWS Lambda/serverless infrastructure from Serverless Framework to TerraformBuild reusable Terraform modules for tenant provisioning, networking, IAM, deployment resources, and environment setupEnsure infrastructure is repeatable, version-controlled, documented, and auditableImprove infrastructure consistency across development, staging, and production environmentsStreamline deployment workflows across services and environmentsMove AWS Amplify deployments from direct Amplify-based deployment to GitHub-driven workflowsBuild and maintain GitHub Actions pipelines for application deployment, infrastructure deployment, and tenant provisioningImprove deployment speed, reliability, rollback safety, and visibilityOptimize deployment workflows for multi-tenant environmentsImprove long-running Vertex AI Pipeline deployments across multiple tenantsEstablish clear promotion workflows between environmentsReview existing tenant provisioning scripts and workflowsConvert tenant provisioning into Terraform-backed infrastructure workflowsAutomate tenant provisioning using GitHub ActionsImprove repeatability, traceability, and rollback capability for tenant setupReduce manual operational work and deployment riskReview, clean up, and improve existing VPC structuresDefine clear networking patterns across AWS and GCPImprove segmentation between environments and tenants where appropriateReview DNS, routing, security groups, firewall rules, and cloud networking configurationDocument cloud network architecture and operational runbooksImplement least-privilege access across AWS, GCP, GitHub, and deployment systemsAutomate permission management for engineering and production environmentsRestrict production access based on role and operational needImplement or improve just-in-time access for on-call engineersImprove auditability of privileged access and production changesReview secrets management and recommend improvements where neededImplement GitHub repository rules and engineering workflow standards, including:Branch naming conventionsPull request requirementsRequired Jira ticket referencesProtected branchesRequired reviewsRequired CI checksEnvironment-based approvalsImprove consistency of engineering workflows across repositoriesEnsure GitHub workflows support both developer velocity and compliance needsReview and improve monitoring, logging, metrics, and alertingHelp identify deployment bottlenecks, infrastructure risks, and recurring operational issuesImprove incident response readiness through runbooks and documentationSupport production incident troubleshooting when neededRecommend improvements to reduce operational toil and improve system reliabilityHelp maintain and improve technical controls required for SOC 2Support controls related to:Access managementChange managementDeployment approvalsInfrastructure securityProduction accessAudit loggingEvidence collectionEnsure infrastructure and deployment processes are auditable and documentedHelp create or improve runbooks, diagrams, and process documentation needed for complianceSkills7+ years of experience in DevOps, cloud infrastructure, platform engineering, or systems engineeringStrong hands-on experience with Terraform in production environmentsExperience managing infrastructure across AWS and GCPStrong experience building and maintaining GitHub Actions workflowsExperience with AWS services such as: Lambda, IAM, VPC, Amplify, CloudWatch, Secrets Manager or Parameter StoreExperience with GCP services such as: Vertex AI, IAM, VPC networking, Cloud Logging / MonitoringExperience migrating manual or framework-based infrastructure to Infrastructure as CodeStrong understanding of Linux, networking, DNS, IAM, and cloud security fundamentalsExperience implementing least-privilege access and production access controlsExperience with monitoring, logging, and observability toolsStrong scripting ability in Bash, Python, Go, or similar languagesAbility to work independently, clarify ambiguity, and drive implementation without heavy handholdingStrong documentation and communication skillsExperience with multi-tenant SaaS infrastructureExperience with Vertex AI Pipelines or ML/AI deployment workflowsExperience optimizing long-running cloud deployment pipelinesExperience with GitOps or declarative infrastructure patternsExperience with SOC 2, ISO 27001, or similar compliance frameworksExperience with just-in-time access tooling such as Okta, Teleport, AWS IAM Identity Center, Google IAM Conditions, or similarExperience with policy-as-code tools such as OPA, Checkov, Conftest, Sentinel, or Terraform Cloud policiesExperience with Kubernetes, Docker, or containerized workloadsExperience with cloud cost optimization and resource managementExperience creating disaster recovery, backup, and business continuity processesCompany OverviewBayOne Solutions provides computer programming services. It was founded in 2012, and is headquartered in Pleasanton, California, USA, with a workforce of 501-1000 employees. Its website is https://bayone.com/.Company H1B SponsorshipBayOne Solutions has a track record of offering H1B sponsorships, with 23 in 2025, 25 in 2024, 20 in 2023, 30 in 2022, 20 in 2021, 37 in 2020. Please note that this does not guarantee sponsorship for this specific role.