Job Description
The Cloud Architect – OS Image Engineering contractor will lead the design, automation, and lifecycle
management of golden OS images and base container images across internal cloud (VMware) and public cloud
environments (Azure, GCP, AWS) as well as Kubernetes clusters.
Key Responsibilities
• Define enterprise OS image strategy for VMware templates, cloud-native images, and Kubernetes base
containers.
• Build and maintain Packer templates for VMware, Azure, GCP, AWS, and container images.
• Develop Ansible roles/playbooks for OS hardening (CIS/NIST), agent installation, and configuration.
• Embed automation into CI/CD pipelines (GitHub Actions / Azure DevOps) for image build, validation, and
promotion.
• Integrate ServiceNow change management workflows for image releases and patch cycles.
• Implement CIS benchmarks, vulnerability scanning (Trivy, Grype), and image signing (Cosign).
• Generate SBOMs for container images; enforce supply-chain security policies via OPA/Gatekeeper.
• Integrate HashiCorp Vault for secrets management during image builds.
• Define patching cadence, deprecation policies, and release trains for golden images.
• Manage artifact repositories (Harbor, ACR, ECR, GCR) with RBAC and retention policies.
• Deliver Terraform modules referencing approved images for platform and app teams.
• Conduct design reviews and publish reference architectures for image consumption.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
8+ years in cloud/platform engineering with hands-on experience in Azure, GCP, AWS, and VMware
vSphere.
• 5+ years building OS images using Packer and configuration management via Ansible.
• Strong knowledge of Linux (RHEL/Ubuntu) and Windows Server internals, cloud-init, waagent, gce-agent.
• Experience with CI/CD pipelines, GitOps practices, and Infrastructure-as-Code (Terraform).
• Proven track record in security hardening, compliance enforcement, and vulnerability management.
• Familiarity with Kubernetes base image design and container security best practices.
Preferred Qualifications
• Certifications: Azure Solutions Architect, AWS SA – Pro, GCP Professional Architect, VMware VCP,
CKA/CKAD.
• Experience with Vault, ServiceNow, and policy enforcement tools (OPA/Kyverno).
• Background in regulated environments (SOX, PCI, HIPAA).
Compliance Requirements
• Background check prior to onboarding.
• Signed NDA and adherence to company security policies.
• Vendor onboarding through approved procuremen
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.