About us
For more than 20 years, our general network of passionate technologists and pioneering craftspeople has delivered cutting-edge technology and game-changing consulting to companies on the brink of AI driven digital transformation. Since 2001, we have grown into a full service digital consulting company with 5500+ professionals working on a worldwide ambition.
Driven by the desire to make a difference, we keep innovating. Fuelling the growth of our company with our knowledge worker culture. When teaming up with Xebia, expect in-depth expertise based on an authentic, value-led, and high quality way of working that inspires all we do. At Xebia, we put ‘People First’—committed to attracting diverse talent and fostering an inclusive, respectful workplace where everyone is valued for their contributions. We welcome all individuals and evaluate solely on the quality of their work and teamwork.
About the role
We are looking for a DevSecOps Automation Engineer to join a lean, high-impact platform team responsible for building and operating a secure, resilient, and fully automated AWS foundation.
This role focuses on GitOps-driven infrastructure automation, the creation of golden Terraform modules for broad developer adoption, and deep enablement of self-service cloud capabilities at scale. You will work closely with existing CI/CD teams (who own pipeline-specific modules) while owning the core infrastructure, security, and networking automation layer.
What you will do
- Design, build, and maintain GitOps-based infrastructure automation using Terraform and Pull Request workflows. - Develop and maintain reusable “golden” Terraform modules to be consumed by development teams across the organization. - Operate and extend Terraform Enterprise, making full use of its capabilities (workspaces, state management, policy enforcement, RBAC, run tasks, etc.). - Implement policy-as-code and AI-augmented code reviews to ensure security, compliance, and consistency by default. - Build automated self-healing mechanisms for infrastructure and security controls. - Work on a multi-region AWS architecture with centralized inspection, logging, and security controls. - Contribute to networking automation using AWS Cloud WAN as the backbone for global connectivity. - Collaborate closely with security, platform, and CI/CD teams while keeping a strong platform-product mindset. - Enable proactive, self-service workflows so developers can safely provision infrastructure via Git without direct platform intervention.
Required experience
- Strong hands-on experience with AWS and Terraform, including advanced, production-grade usage. - Proven experience working with Terraform Enterprise (not just OSS Terraform). - Solid understanding of GitOps principles applied to infrastructure. - Experience building reusable Terraform modules for large developer populations. - Strong AWS fundamentals across networking, security, and IAM. - Ability to design systems that are secure by default and self-service oriented.
Nice to have
- Hands-on experience with AWS Cloud WAN. - Experience implementing policy-as-code frameworks. - Exposure to AI-assisted code reviews or automated quality gates. - Background in operating large-scale, multi-account AWS environments.