DevOps Container Engineer

Software International (SI) supplies technical talent to a variety of clients ranging from Fortune 100/500/1000 companies to small and mid-sized organizations in Canada/US.

We currently have a 8 month to start + long termrenewals contract as a DevOps Container Engineer with our large global infrastructure client, supporting a major financial client account. This could be an indefinite long term contract.

Type: Contract

Duration: 8 months to start + possible multiple extensions

Rate: $75 - $85/hr + C2C - depending on overall experience

Location: Hybrid - 2/3 days onsite, downtown, Toronto

Domain:Banking

We are looking for a DevOps Container Engineer to work across multiple diverse businesses within the end client(bank)to deliver enterprise capabilities and solutions on the Cloud. The perfect candidate will have previous public cloud experience delivering enterprise solutions within financial services including knowledge of the security and regulatory requirements.

You will work in collaboration with cloud engineering, network, security, and risk management to deliver bank secured solutions that meet security policies and standards within client organization. You will collaborate with developers in our engineering team and lines of business to implement and continuously improve the framework and tools to support self-service automation of the platform. You will develop custom code to automate building and automating the life cycles of a containers.

You will have a strong passion for writing code to automate and integrate technologies and eliminate manual steps. You will work with our business developers and internal teams to maintain a backlog of features and integration enhancements to continue to automate the platform. You will develop code using our agile JIRA tools to manage a backlog of enhancements and bug-fixes. You will get the opportunity to work with Kubernetes to solve business problems with cutting edge solutions to deliver on key business needs.

Roles and Responsibilities:

• Design, deploy and manage containerized environments using Kubernetes, AKS (Azure Kubernetes Service), GKE (Google Kubernetes Engine), or similar platform.
• Document security configurations, procedures and guidelines for containerized environments, ensuring compliance with organizational standards and regulatory requirements.
• Develop and maintain security tools, scripts, and automation workflows to enhance container security operations and incident response capabilities.
• Utilize IaC (Infrastructure-as-Code) tools such as Terraform to automate infrastructure provisioning, ensure consistent configuration and prevent drift.
• Work with microservice architecture, designing APIs, managing Ingress controllers, and implementing service meshes for improved scalability and security.
• Develop CI/CD Pipelines using GitHub Actions/Workflows to build and deploy containers.
• Stay updated with emerging security threats and industry best practices related to container security and cloud-native technologies.
• Consult with vulnerability assessments, security audits and penetration testing to identity security gaps within containerized environments.
• Address security gaps identified within containerized environments.
• Provide guidance and support to developers and operations teams on secure containerization practices, images scanning and runtime protection.
• Participate in incident response activities, security incident investigations and post-mortem analysis to improve incident handling processes.
• Document security configurations, procedures and guidelines for containerized environments, ensuring compliance with organizational standards and regulatory requirements.
• Monitor containerized environments to optimize performance and utilization
• Develop and Test Disaster Recovery (DR) and Business Continuity Plans (BCP)

Required Skills:

• 3+ years of experience with cloud computing platforms such as Azure and Google.
• 3+ years of experience with container technologies such as Kubernetes, Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), Docker, Podman.
• Familiarity with Cloud PaaS Services such as Azure Container Apps, Azure App Services, Azure ML, Google Cloud Run, Google GKE Autopilot.
• Experience developing CI/CD pipelines using technologies such as GitHub Actions, Jenkins.
• Experience using IaC (Infrastructure-as-Code) tools such as Terraform, ARM, Bicep.
• Strong understanding of DevOps/Platform Engineering principals.
• Strong programming/scripting skills in languages such as Python, Go, bash/shell, Java, NodeJS.
• Familiarity with Cloud CLIs and SDKs.
• Familiarity writing/consuming REST APIs.
• Strong understanding of Network security principles, encryption protocols and identity management concepts.
• Strong understanding of Kubernetes Resource Types (i.e. ClusterRoles, Services, Deployments etc.)
• Experience implementing Kubernetes technologies such as Network Policies, Service Mesh, Certificate Manager, Ingress Controllers
• Experience developing compliance policies/scripts using tools such as Azure Policy, Google Org Policy, Aquasec, Wiz.
• Knowledge of monitoring tools such as Datadog, Grafana, and Prometheus.
• Strong fundamental knowledge of Operating Systems (RHEL, Ubuntu)
• Demonstrated knowledge of container provisioning and administration, cloud bursting, cloud interoperability, cloud disaster recovery and business continuity strategies.
• Understanding of Public Key Infrastructure (PKI), managing public key and private key certificates in Cloud environment for Paas services and applications
• Excellent written and verbal communication skills with the ability to communicate clearly with all levels within the team.
• Critical thinker with strong research and analytics skills.
• Initiative-taking individual with a positive attitude and an ability to work independently and in a team.
• Professional certifications such as Certified Kubernetes Administrator (CKA), Certified Kubernetes Security Specialist (CKS), Certified Terraform Associate or other relevant security certifications (i.e. CISSP, CISM)