ITProFound is a Global employer serving the USA, INDIA and Canada. The company develops Software Products and solutions, as well as Project Implementation, besides staff augment to the direct clients.
Job Description
DevOPS/Cloud Engineer - Senior for our direct client Province of Ontario. The position details are given below:
Location: 222 Jarvis St. Toronto, Ontario
Duration: 1 year + Extension
Type: Onsite
Key Responsibilities
- Design and deploy app attestation infrastructure using Apple App Attest and Google Play Integrity API to ensure wallet integrity.
- Architect, deploy, and manage Azure cloud infrastructure and Kubernetes (AKS/OpenShift) clusters/workloads, ensuring reliability, scalability, and secure multi‑environment operations.
- Build and manage containerized workloads using Docker/Podman, infrastructure‑as‑code with Terraform/Ansible, and secure integrations with relational databases and event‑driven systems.
- Implement DevSecOps practices including SAST/DAST scanning, secrets management, certificate rotation, vulnerability remediation, and compliance with identity trust frameworks (PCTF, NIST, eIDAS) and organization cybersecurity policies.
- Conduct load testing, performance benchmarking, and continuous hardening of backend, wallet, and cloud components.
- Implement observability and logging stacks (Prometheus, Grafana, Azure Log Analytics) and integrate crash analytics tools (Crashlytics, App Center) to drive stability and reliability improvements.
- Collaborate with architects, developers, cybersecurity teams, and stakeholders to ensure cohesive delivery across wallet, agent, and platform components.
- Produce documentation such as deployment architectures, runbooks, procedures, and operational playbooks while mentoring engineers in cloud, Kubernetes, and DevOps best practices.
- Implement automated delivery pipelines for digital credentials mobile wallet builds, ensuring consistent signing, versioning, and distribution through CI/CD processes.
- Support publication and lifecycle management of mobile wallet applications in the Apple App Store and Google Play Store, ensuring compliance with platform requirements, signing procedures, and release governance.
- Design and implement backend app attestation infrastructure enabling validation of mobile wallet integrity using Apple App Attest and Google Play Integrity API. Implement push notifications using tools such as Firebase.
- Embed attestation logic into wallet apps, strengthen anti‑tampering controls, and enhance overall platform security posture.
- Implement load‑testing and performance benchmarking using Locust or JMeter to validate system scalability under peak credential issuance and verification loads.
- Enforce SDLC, code quality, and DevOps best practices—code reviews, secure integration of DevSecOps practices in all CI/CD workflows, embedding security scanning, SAST/DAST, secret detection, and container image scanning into pipelines.
- Manage secure configuration of infrastructure including TLS certificate rotation, secret management, encryption policies, network segmentation, and hardened OS baselines.
- Implement identity and access management, privileged access controls, threat modeling, and continuous compliance monitoring.
- Conduct regular infrastructure hardening, patching, library updates, dependency audits, and vulnerability remediation cycles for wallet, agent, and backend components.
- Experience with scripting languages like Python and Bash.
- Ensure alignment with digital identity trust frameworks (PCTF, NIST, eIDAS) and enterprise cybersecurity policies.
- Architecture and maintenance of Azure cloud infrastructure supporting digital credential platform—high availability, resilience, and secure multi‑environment deployments.
- Build and manage containerized workloads using Docker/Podman, applying secure image management, registry automation, and runtime hardening.
- Design and operate Kubernetes production clusters (AKS/OpenShift), including workload orchestration, scaling policies, RBAC, network rules, and automated failover.
- Develop and maintain infrastructure‑as‑code (Terraform, Ansible) to ensure consistent, auditable, automated environment provisioning.
- Support backend components interacting with relational databases (PostgreSQL, MySQL) through secure connections and optimized queries.
- Operate and integrate event‑driven architectures, caching mechanisms, job schedulers and asynchronous messaging systems.
- In‑depth knowledge of Azure networking, VNETs, ingress controllers, firewalls, and identity integrations to support secure and compliant services.
#J-18808-Ljbffr