Job Description

HM Note: This onsite contract role is in office every day at the manager's discretion. Candidate resumes must include first and last name, email and telephone contact information. Candidates can work in client offices at

5700 Yonge Street Toronto, 222 Jarvis Street Toronto, 300 Water St Peterborough, 1000 Southgate Drive Guelph, 301 ST Paul Street St Cathrines and 200 First Avenue North Bay. This engagement commences April 2025 until March 2027

Description

Deliverables:

The resources will serve as subject matter experts supporting a range of cloud initiatives across the Government of Ontario's enterprise environments.Designing and enabling cloud solutions primarily in Azure, AWS, and GCP, with some support for Oracle Cloud Infrastructure (OCI). Engineering and configuring advanced security controls for both existing and new cloud platforms. Supporting complex migrations from on-premises infrastructure to public cloud environments. Developing, updating, and maintaining provisioning pipelines and infrastructure-as-code to enable scalable, automated delivery of cloud services. Creating tools and scripts for data collection, reporting, and operational insights across multi-cloud environments.aEUR<

Key Responsibilities:

Develop, maintain, and enhance environment provisioning pipelines and infrastructure-as-code to support scalable cloud service delivery. Integrate and secure cloud services for enterprise applications across Azure, AWS, GCP, and OCI. Design and document reusable technology patterns for IaaS, PaaS, SaaS, including low-code/no-code deployments and AI solutions. Advance the GoCLOUD product by implementing new features and capabilities aligned with its maturity roadmap. Contribute to product planning activities including roadmap development, service documentation, process optimization, and communication strategies.aEUR<


Skills
Experience and Skill Set Requirements

Evaluation Breakdown

1. Design and Cloud - 25%

Parameters:

The candidate must have advanced design and implementation knowledge for Azure or AWS

Compute: Azure Virtual Machines, AKS, App Services Networking: VNet, NSG, Load Balancer, Front Door, ExpressRoute Storage: Blob, Files, Data Lake Identity & Security: Azure AD, RBAC, Key Vault, Policies Monitoring: Azure Monitor, Log Analytics Automation: ARM Templates, Bicep, Terraform Data Services: Azure SQL, Synapse, Cosmos DB CI/CD: Azure DevOps, GitHub Actions Cost Management: Azure Cost Analysis, Reservations Data skills for AI familiar with data bricks, fabric know ledge vector embeddings, chunking strategies LLM integration experience and knowledge

OrCompute: EC2, ECS, EKS, Lambda Networking: VPC, Route 53, ALB/NLB, Direct Connect Storage: S3, EBS, EFS, Glacier Identity & Security: IAM, KMS, Secrets Manager Monitoring: CloudWatch, X-Ray Automation: CloudFormation, Terraform Data Services: RDS, DynamoDB, Redshift CI/CD: CodePipeline, CodeBuild Cost Management: AWS Cost Explorer, Savings Plan


Data skills for AI experience with data bricks know ledge vector embeddings LLM integration experience and knowledge

Nice to have:

GCP and OCI

Compute Engine (VMs), Google Kubernetes Engine (GKE) GCP AI knowledge and skills (data to LLM) VPC design, subnets, firewall rules, Cloud Load Balancing Hybrid connectivity (Cloud VPN, Interconnect) Cloud Storage (buckets, lifecycle policies) BigQuery (data warehouse), Cloud SQL, Firestore Dataflow and Pub/Sub for streaming and ETL Load Balancer and FastConnect for hybrid connectivity OCI Identity Domains and IAM policies

2. Security - 25%

Parameters:

All solution require security be default, describe key parts of cloud security and how you have enabled as part of an application or environment deployment. The applicant should have a high level of knowledge in these areas. Microsoft Entra

Entra Permissions Management (CIEM) Entra Verified ID (Decentralized Identity) Advanced governance with Identity Protection

Conditional Access Mastery Complex policy design for multiple apps and roles Integration with Intune for device compliance Policy simulation and troubleshooting

Threat Detection & Response Microsoft Sentinel (SIEM) deployment and playbooks Defender for Identity integration

Zero Trust Architecture Implementing Zero Trust principles across identity, network, and endpoints

Automation & Governance Automating security policies with PowerShell and Graph API Azure Blueprints for compliance frameworks (ISO, NIST, CIS)

3. Code - 10%

Parameters:

Terraform Writing reusable modules State management and remote backends Workspaces for multi-environment deployments

CI/CD Integration GitHub Actions, Azure DevOps, AWS CodePipeline


Secrets Management Integration with Key Vault (Azure), Secrets Manager (AWS)

Policy as Code Sentinel (Terraform), Azure Policy, AWS Config

Cloud AI Services

:
Azure AI, AWS AI, Google Vertex AI for OCR and document processing LangChain For building RAG pipelines Document parsing and data cleaning

4. Projects - 10%

Parameters:

Stakeholder engagement and requirement gathering Risk assessment and mitigation strategies Vendor and third-party integration management Leading technical teams through design and build phases Strong communication for reporting Decision-making under constraints Mentoring and knowledge transfer

Must Have:

Develop, maintain, and enhance environment provisioning pipelines and infrastructure-as-code to support scalable cloud service delivery. Integrate and secure cloud services for enterprise applications across Azure, AWS, GCP, and OCI. Design and document reusable technology patterns for IaaS, PaaS, SaaS, including low-code/no-code deployments and AI solutions. Advance the GoCLOUD product by implementing new features and capabilities aligned with its maturity roadmap. * Contribute to product planning activities including roadmap development, service documentation, process optimization, and communication strategies.a