Developer - Infrastructure Automation Engineer
San Francisco, CA 94103
Employment Type: Contract
Job Number: 31987
Industry: SOFT - Software Companies
Job Description
Job Title: Developer - Infrastructure Automation Engineer
Position Description: Protingent Staffing has an exciting contract Developer - Infrastructure Automation Engineer opportunity.Seeking an experienced Infrastructure Automation Engineer.The contractor will work within a mature, production VMware environment (5+ years in production, managing approximately 300TB of VM data across 1,500–2,000 on-premises VMs) to secure provisioning automation, ensure every workload is updated to meet our internal management policies for security and data integrity.
The contractor will work closely with the internal infrastructure team and team leader throughout the engagement — proactively raising questions, flagging risks, as well as self-reviewing their work for key dependencies and edge cases before implementation.All code will be maintained in GitLab with regular check-ins, following standard software development practices.The opportunity will also collaborate on a VMware-to-Proxmox migration effort to ensure that initial.
Job Responsibilities:
- Aria Automation templates that provision VMs and self-register with AWS SSM and SentinelOne across Windows, Linux, and macOS
- GitLab CI pipelines to develop, test, validate, and deploy provisioning templates and migration script code
- Security team collaboration: define and validate exclusions, token handling, and a documented exclusions process and technical implementation
- VMware-to-Proxmox migration toolkit: robust, repeatable scripts and pipelines to migrate ~1,500–2,000 on-premises VMs with SSM and SentinelOne registration to a proxmox-based environment
- Proxmox platform readiness: collaborate on capacity planning input, environment validation, and migration tools and scripts
- Provisioning & Templates: Extend existing production Aria Automation environment with new virtual machine templates for SSM and SentinelOne self-registration
- Build reusable, parameterized templates across Aria Automation, Terraform, and Ansible
- Support for all three OS types: Windows, Linux, and macOS (Intel-based)
- Integrate with existing CI-driven provisioning and deprovisioning workflows already in place
- Treat the existing production environment with care — validate all changes in non-production before any production promotion
- Attention to detail and clear team communication of possible clear assessment of production impact it imperative
- AWS SSM Integration: Automate SSM Agent installation and registration as part of every provisioning workflow
- Configure hybrid activation codes for all on-premises (non-EC2) targets across all OS types
- Validate SSM registration before marking provisioning complete
- SentinelOne Integration: Automate SentinelOne agent installation and silent deployment for Windows, Linux, and macOS.
- Develop hands-off integration with SentinelOne so that any defined exclusions are in place at SentinelOne installation time.
- Confirm agent check-in as a provisioning completion gate.
- Security Team Collaboration: Work directly with the internal Security group to define and validate required exclusion sets.
- Work directly with internal security group to define system integration for up-front exclusions activation process.
- Collaborate with Security to develop and document a formal exclusions process — covering what exclusions are permissible, how they are requested, reviewed, and approved.
- GitLab & CI/CD Pipeline Development: Maintain all code in GitLab with regular, meaningful check-ins, pull requests and regular reviews with team.
- Follow generally accepted software development practices: branching strategies, merge requests, commit hygiene, and code review
- Build and maintain GitLab CI pipelines for linting, validation, testing, and deployment of provisioning and migration code
- Implement pipeline stages for Dev, Staging, and Production promotion with appropriate approval gates
- Use Artifactory to store and retrieve binary dependencies.
- Organize repositories clearly so the internal team can understand, maintain, and extend the work after the engagement ends.
- VMware-to-Proxmox Migration: Work with the infrastructure team to inventory all ~1,500–2,000 VMs — workload types, OS, network topology, storage layout, and VMware-specific dependencies (VMware Tools features, VMXNET3, paravirtual SCSI, VMware-specific drivers, etc.)
- Self-review all VMs and migration candidates for VMware-specific dependencies — proactively identify anything that may not translate cleanly to Proxmox and raise findings with the team leader before proceeding
- Coordinate with the infrastructure team on Proxmox capacity planning — advise on node count, storage sizing for ~300TB of VM data, and network configuration
- Design and develop a migration script toolkit (Bash, Python, PowerShell, and/or Ansible) to automate export from VMware and import/conversion to Proxmox-compatible formats using tools such as virt-v2v and qemu-img
- Automate post-migration configuration: network interface remapping, storage attachment, and VM hardware profile alignment
- Integrate SSM Agent and SentinelOne re-registration into the post-migration workflow so migrated VMs are immediately managed and protected on Proxmox
- Implement pre- and post-migration validation checks — confirming VM boot, network connectivity, SSM registration, and SentinelOne check-in before marking a migration complete
- Prefer live migration where feasible; where downtime is unavoidable, coordinate directly with end-users to agree on outage windows before proceeding
- Support a phased migration approach: non-production and lower-risk workloads first, then production with change management gates
- Consult freely and proactively with the team leader throughout — ask questions early, flag concerns immediately, and do not proceed with uncertain migrations without alignment
- Deliver a migration runbook covering prerequisites, execution steps, rollback procedures, and known edge cases
- Proxmox Platform Readiness: Advise the infrastructure team on capacity requirements based on current VMware inventory and ~500TB data volume
- Assist with validation of Proxmox-based self-service provisioning system. Develop and run test scripts and terraform and cloud-init templates for testing.
- Prototype VM provisioning using Terraform (Proxmox provider) and Ansible
- Validate Proxmox networking, storage, and resource configuration against workload requirements
- Documentation & Handoff: Deliver runbooks for all provisioning templates, CI pipelines, and migration workflows
- Document integration architecture, secret/credential management with existing internal controls. Deliver the Security-approved exclusions process as a standalone document
- Deliver the migration script toolkit with inline documentation and a standalone operations guide.
- Conduct a knowledge transfer session with the internal infrastructure team before engagement close
Job Qualifications
Aria Automation: Hands-on experience with production VMware Aria / vRealize Automation 8.x environments; Cloud Assembly, ABX or vRO
Terraform: Proficient with HCL, modules, state management; vSphere, AWS, and Proxmox providers
Ansible: Experience writing playbooks and roles for OS configuration, agent deployment, and migration tasks
AWS SSM: Hands-on with SSM Agent deployment, hybrid activations for on-premises targets, and IAM configuration
SentinelOne: Experience with agent deployment across Windows, Linux, and macOS; Management Console API
Proxmox: Familiarity with Proxmox VE administration, VM/template management, storage, and networking
VMware Migration: Experience exporting VMware VMs and converting to KVM/QEMU-compatible formats
Migration Tooling: Familiarity with virt-v2v, qemu-img, or equivalent VMware-to-KVM conversion tooling
macOS Automation: Experience automating agent deployment and configuration on Intel-based macOS
GitLab: Comfortable with GitLab repo management, branching, merge requests, and regular check-in discipline
GitLab CI: Proficient building .gitlab-ci.yml pipelines with multi-stage, multi-environment deployments
Artifactory: Familiarity with JFrog Artifactory for artifact storage and pipeline integration
Secret Management: Experience integrating with 1Password Vaults for secret retrieval in scripts and pipelines
Scripting
Developer - Infrastructure Automation Engineer
San Francisco, CA 94103
Employment Type: Contract
Job Number: 31987
Industry: SOFT - Software Companies
Job Description
Job Title: Developer - Infrastructure Automation Engineer
Position Description: Protingent Staffing has an exciting contract Developer - Infrastructure Automation Engineer opportunity.Seeking an experienced Infrastructure Automation Engineer.The contractor will work within a mature, production VMware environment (5+ years in production, managing approximately 300TB of VM data across 1,500–2,000 on-premises VMs) to secure provisioning automation, ensure every workload is updated to meet our internal management policies for security and data integrity.
The contractor will work closely with the internal infrastructure team and team leader throughout the engagement — proactively raising questions, flagging risks, as well as self-reviewing their work for key dependencies and edge cases before implementation.All code will be maintained in GitLab with regular check-ins, following standard software development practices.The opportunity will also collaborate on a VMware-to-Proxmox migration effort to ensure that initial.
Job Responsibilities:
- Aria Automation templates that provision VMs and self-register with AWS SSM and SentinelOne across Windows, Linux, and macOS
- GitLab CI pipelines to develop, test, validate, and deploy provisioning templates and migration script code
- Security team collaboration: define and validate exclusions, token handling, and a documented exclusions process and technical implementation
- VMware-to-Proxmox migration toolkit: robust, repeatable scripts and pipelines to migrate ~1,500–2,000 on-premises VMs with SSM and SentinelOne registration to a proxmox-based environment
- Proxmox platform readiness: collaborate on capacity planning input, environment validation, and migration tools and scripts
- Provisioning & Templates: Extend existing production Aria Automation environment with new virtual machine templates for SSM and SentinelOne self-registration
- Build reusable, parameterized templates across Aria Automation, Terraform, and Ansible
- Support for all three OS types: Windows, Linux, and macOS (Intel-based)
- Integrate with existing CI-driven provisioning and deprovisioning workflows already in place
- Treat the existing production environment with care — validate all changes in non-production before any production promotion
- Attention to detail and clear team communication of possible clear assessment of production impact it imperative
- AWS SSM Integration: Automate SSM Agent installation and registration as part of every provisioning workflow
- Configure hybrid activation codes for all on-premises (non-EC2) targets across all OS types
- Validate SSM registration before marking provisioning complete
- SentinelOne Integration: Automate SentinelOne agent installation and silent deployment for Windows, Linux, and macOS.
- Develop hands-off integration with SentinelOne so that any defined exclusions are in place at SentinelOne installation time.
- Confirm agent check-in as a provisioning completion gate.
- Security Team Collaboration: Work directly with the internal Security group to define and validate required exclusion sets.
- Work directly with internal security group to define system integration for up-front exclusions activation process.
- Collaborate with Security to develop and document a formal exclusions process — covering what exclusions are permissible, how they are requested, reviewed, and approved.
- GitLab & CI/CD Pipeline Development: Maintain all code in GitLab with regular, meaningful check-ins, pull requests and regular reviews with team.
- Follow generally accepted software development practices: branching strategies, merge requests, commit hygiene, and code review
- Build and maintain GitLab CI pipelines for linting, validation, testing, and deployment of provisioning and migration code
- Implement pipeline stages for Dev, Staging, and Production promotion with appropriate approval gates
- Use Artifactory to store and retrieve binary dependencies.
- Organize repositories clearly so the internal team can understand, maintain, and extend the work after the engagement ends.
- VMware-to-Proxmox Migration: Work with the infrastructure team to inventory all ~1,500–2,000 VMs — workload types, OS, network topology, storage layout, and VMware-specific dependencies (VMware Tools features, VMXNET3, paravirtual SCSI, VMware-specific drivers, etc.)
- Self-review all VMs and migration candidates for VMware-specific dependencies — proactively identify anything that may not translate cleanly to Proxmox and raise findings with the team leader before proceeding
- Coordinate with the infrastructure team on Proxmox capacity planning — advise on node count, storage sizing for ~300TB of VM data, and network configuration
- Design and develop a migration script toolkit (Bash, Python, PowerShell, and/or Ansible) to automate export from VMware and import/conversion to Proxmox-compatible formats using tools such as virt-v2v and qemu-img
- Automate post-migration configuration: network interface remapping, storage attachment, and VM hardware profile alignment
- Integrate SSM Agent and SentinelOne re-registration into the post-migration workflow so migrated VMs are immediately managed and protected on Proxmox
- Implement pre- and post-migration validation checks — confirming VM boot, network connectivity, SSM registration, and SentinelOne check-in before marking a migration complete
- Prefer live migration where feasible; where downtime is unavoidable, coordinate directly with end-users to agree on outage windows before proceeding
- Support a phased migration approach: non-production and lower-risk workloads first, then production with change management gates
- Consult freely and proactively with the team leader throughout — ask questions early, flag concerns immediately, and do not proceed with uncertain migrations without alignment
- Deliver a migration runbook covering prerequisites, execution steps, rollback procedures, and known edge cases
- Proxmox Platform Readiness: Advise the infrastructure team on capacity requirements based on current VMware inventory and ~500TB data volume
- Assist with validation of Proxmox-based self-service provisioning system. Develop and run test scripts and terraform and cloud-init templates for testing.
- Prototype VM provisioning using Terraform (Proxmox provider) and Ansible
- Validate Proxmox networking, storage, and resource configuration against workload requirements
- Documentation & Handoff: Deliver runbooks for all provisioning templates, CI pipelines, and migration workflows
- Document integration architecture, secret/credential management with existing internal controls. Deliver the Security-approved exclusions process as a standalone document
- Deliver the migration script toolkit with inline documentation and a standalone operations guide.
- Conduct a knowledge transfer session with the internal infrastructure team before engagement close
Job Qualifications
Aria Automation: Hands-on experience with production VMware Aria / vRealize Automation 8.x environments; Cloud Assembly, ABX or vRO
Terraform: Proficient with HCL, modules, state management; vSphere, AWS, and Proxmox providers
Ansible: Experience writing playbooks and roles for OS configuration, agent deployment, and migration tasks
AWS SSM: Hands-on with SSM Agent deployment, hybrid activations for on-premises targets, and IAM configuration
SentinelOne: Experience with agent deployment across Windows, Linux, and macOS; Management Console API
Proxmox: Familiarity with Proxmox VE administration, VM/template management, storage, and networking
VMware Migration: Experience exporting VMware VMs and converting to KVM/QEMU-compatible formats
Migration Tooling: Familiarity with virt-v2v, qemu-img, or equivalent VMware-to-KVM conversion tooling
macOS Automation: Experience automating agent deployment and configuration on Intel-based macOS
GitLab: Comfortable with GitLab repo management, branching, merge requests, and regular check-in discipline
GitLab CI: Proficient building .gitlab-ci.yml pipelines with multi-stage, multi-environment deployments
Artifactory: Familiarity with JFrog Artifactory for artifact storage and pipeline integration
Secret Management: Experience integrating with 1Password Vaults for secret retrieval in scripts and pipelines
Scripting
