RQ09921 - Technology Architect - Senior

Deliverables:

The resources will serve as subject matter experts supporting a range of cloud initiatives across the Government of Ontario's enterprise environments.

• Designing and enabling cloud solutions primarily in Azure, AWS, and GCP, with some support for Oracle Cloud Infrastructure (OCI).
  
• Engineering and configuring advanced security controls for both existing and new cloud platforms.
  
• Supporting complex migrations from on-premises infrastructure to public cloud environments.
  
• Developing, updating, and maintaining provisioning pipelines and infrastructure-as-code to enable scalable, automated delivery of cloud services.
  
• Creating tools and scripts for data collection, reporting, and operational insights across multi-cloud environments.​
  

Key Responsibilities:

• Develop, maintain, and enhance environment provisioning pipelines and infrastructure-as-code to support scalable cloud service delivery.
  
• Integrate and secure cloud services for enterprise applications across Azure, AWS, GCP, and OCI.
  
• Design and document reusable technology patterns for IaaS, PaaS, SaaS, including low-code/no-code deployments and AI solutions.
  
• Advance the GoCLOUD product by implementing new features and capabilities aligned with its maturity roadmap.
  
• Contribute to product planning activities including roadmap development, service documentation, process optimization, and communication strategies.​
  

Experience and Skill Set Requirements:

Must Haves:

• Develop, maintain, and enhance environment provisioning pipelines and infrastructure-as-code to support scalable cloud service delivery.
  
• Integrate and secure cloud services for enterprise applications across Azure, AWS, GCP, and OCI.
  
• Design and document reusable technology patterns for IaaS, PaaS, SaaS, including low-code/no-code deployments and AI solutions.
  
• Advance the GoCLOUD product by implementing new features and capabilities aligned with its maturity roadmap.
  
• Contribute to product planning activities including roadmap development, service documentation, process optimization, and communication strategies.
  

Skill Set Requirements:

Design and Cloud:

The candidate must have advanced design and implementation knowledge for Azure or AWS

• Compute: Azure Virtual Machines, AKS, App Services
  
• Networking: VNet, NSG, Load Balancer, Front Door, ExpressRoute
  
• Storage: Blob, Files, Data Lake
  
• Identity & Security: Azure AD, RBAC, Key Vault, Policies
  
• Monitoring: Azure Monitor, Log Analytics
  
• Automation: ARM Templates, Bicep, Terraform
  
• Data Services: Azure SQL, Synapse, Cosmos DB
  
• CI/CD: Azure DevOps, GitHub Actions
  
• Cost Management: Azure Cost Analysis, Reservations
  
• Data skills for AI familiar with data bricks, fabric
  
• know ledge vector embeddings, chunking strategies
  
• LLM integration experience and knowledge
  

Or

• Compute: EC2, ECS, EKS, Lambda
  
• Networking: VPC, Route 53, ALB/NLB, Direct Connect
  
• Storage: S3, EBS, EFS, Glacier
  
• Identity & Security: IAM, KMS, Secrets Manager
  
• Monitoring: CloudWatch, X-Ray
  
• Automation: CloudFormation, Terraform
  
• Data Services: RDS, DynamoDB, Redshift
  
• CI/CD: CodePipeline, CodeBuild
  
• Cost Management: AWS Cost Explorer, Savings Plan
  

Data skills for AI experience with data bricks know ledge vector embeddings

LLM integration experience and knowledge

Nice to have GCP and OCI:

• Compute Engine (VMs), Google Kubernetes Engine (GKE)
  
• GCP AI knowledge and skills (data to LLM)
  
• VPC design, subnets, firewall rules, Cloud Load Balancing
  
• Hybrid connectivity (Cloud VPN, Interconnect)
  
• Cloud Storage (buckets, lifecycle policies)
  
• BigQuery (data warehouse), Cloud SQL, Firestore
  
• Dataflow and Pub/Sub for streaming and ETL
  
• Load Balancer and FastConnect for hybrid connectivity
  
• OCI Identity Domains and IAM policies
  

Security:

All solution require security be default, describe key parts of cloud security and how you have enabled as part of an application or environment deployment. The applicant should have a high level of knowledge in these areas.

Microsoft Entra:

• Entra Permissions Management (CIEM)
  
• Entra Verified ID (Decentralized Identity)
  
• Advanced governance with Identity Protection
  

Conditional Access Mastery:

• Complex policy design for multiple apps and roles
  
• Integration with Intune for device compliance
  
• Policy simulation and troubleshooting
  

Threat Detection & Response:

• Microsoft Sentinel (SIEM) deployment and playbooks
  
• Defender for Identity integration
  

Zero Trust Architecture:

• Implementing Zero Trust principles across identity, network, and endpoints
  

Automation & Governance:

• Automating security policies with PowerShell and Graph API
  
• Azure Blueprints for compliance frameworks (ISO, NIST, CIS)
  

Code:

Terraform

• Writing reusable modules
  
• State management and remote backends
  
• Workspaces for multi-environment deployments
  

CI/CD Integration

• GitHub Actions, Azure DevOps, AWS CodePipeline
  

Secrets Management

• Integration with Key Vault (Azure), Secrets Manager (AWS)
  

Policy as Code

• Sentinel (Terraform), Azure Policy, AWS Config
  

Cloud AI Services :

• Azure AI, AWS AI, Google Vertex AI for OCR and document processing
  
• LangChain For building RAG pipelines
  
• Document parsing and data cleaning
  

Projects:

• Stakeholder engagement and requirement gathering
  
• Risk assessment and mitigation strategies
  
• Vendor and third-party integration management
  
• Leading technical teams through design and build phases
  
• Strong communication for reporting
  
• Decision-making under constraints
  
• Mentoring and knowledge transfer