RQ09921 Technology Architect Senior

Deliverables:

The resources will serve as subject matter experts supporting a range of cloud initiatives across the Government of Ontarios enterprise environments.

• Designing and enabling cloud solutions primarily in Azure AWS and GCP with some support for Oracle Cloud Infrastructure (OCI).
  
• Engineering and configuring advanced security controls for both existing and new cloud platforms.
  
• Supporting complex migrations from on-premises infrastructure to public cloud environments.
  
• Developing updating and maintaining provisioning pipelines and infrastructure-as-code to enable scalable automated delivery of cloud services.
  
• Creating tools and scripts for data collection reporting and operational insights across multi-cloud environments.
  

Key Responsibilities:

• Develop maintain and enhance environment provisioning pipelines and infrastructure-as-code to support scalable cloud service delivery.
  
• Integrate and secure cloud services for enterprise applications across Azure AWS GCP and OCI.
  
• Design and document reusable technology patterns for IaaS PaaS SaaS including low-code/no-code deployments and AI solutions.
  
• Advance the GoCLOUD product by implementing new features and capabilities aligned with its maturity roadmap.
  
• Contribute to product planning activities including roadmap development service documentation process optimization and communication strategies.
  

Requirements

Experience and Skill Set Requirements:

Must Haves:

• Develop maintain and enhance environment provisioning pipelines and infrastructure-as-code to support scalable cloud service delivery.
  
• Integrate and secure cloud services for enterprise applications across Azure AWS GCP and OCI.
  
• Design and document reusable technology patterns for IaaS PaaS SaaS including low-code/no-code deployments and AI solutions.
  
• Advance the GoCLOUD product by implementing new features and capabilities aligned with its maturity roadmap.
  
• Contribute to product planning activities including roadmap development service documentation process optimization and communication strategies.
  

Skill Set Requirements:

Design and Cloud:

The candidate must have advanced design and implementation knowledge for Azure or AWS

• Compute: Azure Virtual Machines AKS App Services
  
• Networking: VNet NSG Load Balancer Front Door ExpressRoute
  
• Storage: Blob Files Data Lake
  
• Identity & Security: Azure AD RBAC Key Vault Policies
  
• Monitoring: Azure Monitor Log Analytics
  
• Automation: ARM Templates Bicep Terraform
  
• Data Services: Azure SQL Synapse Cosmos DB
  
• CI/CD: Azure DevOps GitHub Actions
  
• Cost Management: Azure Cost Analysis Reservations
  
• Data skills for AI familiar with data bricks fabric
  
• know ledge vector embeddings chunking strategies
  
• LLM integration experience and knowledge
  

Or

• Compute: EC2 ECS EKS Lambda
  
• Networking: VPC Route 53 ALB/NLB Direct Connect
  
• Storage: S3 EBS EFS Glacier
  
• Identity & Security: IAM KMS Secrets Manager
  
• Monitoring: CloudWatch X-Ray
  
• Automation: CloudFormation Terraform
  
• Data Services: RDS DynamoDB Redshift
  
• CI/CD: CodePipeline CodeBuild
  
• Cost Management: AWS Cost Explorer Savings Plan
  

Data skills for AI experience with data bricks know ledge vector embeddings

LLM integration experience and knowledge

Nice to have GCP and OCI:

• Compute Engine (VMs) Google Kubernetes Engine (GKE)
  
• GCP AI knowledge and skills (data to LLM)
  
• VPC design subnets firewall rules Cloud Load Balancing
  
• Hybrid connectivity (Cloud VPN Interconnect)
  
• Cloud Storage (buckets lifecycle policies)
  
• BigQuery (data warehouse) Cloud SQL Firestore
  
• Dataflow and Pub/Sub for streaming and ETL
  
• Load Balancer and FastConnect for hybrid connectivity
  
• OCI Identity Domains and IAM policies
  

Security:

All solution require security be default describe key parts of cloud security and how you have enabled as part of an application or environment deployment. The applicant should have a high level of knowledge in these areas.

Microsoft Entra:

• Entra Permissions Management (CIEM)
  
• Entra Verified ID (Decentralized Identity)
  
• Advanced governance with Identity Protection
  

Conditional Access Mastery:

• Complex policy design for multiple apps and roles
  
• Integration with Intune for device compliance
  
• Policy simulation and troubleshooting
  

Threat Detection & Response:

• Microsoft Sentinel (SIEM) deployment and playbooks
  
• Defender for Identity integration
  

Zero Trust Architecture:

• Implementing Zero Trust principles across identity network and endpoints
  

Automation & Governance:

• Automating security policies with PowerShell and Graph API
  
• Azure Blueprints for compliance frameworks (ISO NIST CIS)
  

Code:

Terraform

• Writing reusable modules
  
• State management and remote backends
  
• Workspaces for multi-environment deployments
  

CI/CD Integration

• GitHub Actions Azure DevOps AWS CodePipeline
  

Secrets Management

• Integration with Key Vault (Azure) Secrets Manager (AWS)
  

Policy as Code

• Sentinel (Terraform) Azure Policy AWS Config
  

Cloud AI Services:

• Azure AI AWS AI Google Vertex AI for OCR and document processing
  
• LangChain For building RAG pipelines
  
• Document parsing and data cleaning
  

Projects:

• Stakeholder engagement and requirement gathering
  
• Risk assessment and mitigation strategies
  
• Vendor and third-party integration management
  
• Leading technical teams through design and build phases
  
• Strong communication for reporting
  
• Decision-making under constraints
  
• Mentoring and knowledge transfer