Cloud DevOps Engineer (Microservices Application Development)
Astra North Infoteck Inc.
- Toronto, ON
- Permanent
- Full-time
Location: Toronto, ON (Hybrid)Job Description : We are looking for a Cloud DevOps Engineer to own the end-to-end delivery and operations of microservices-based applications on cloud platforms.The role combines DevOps practices, cloud infrastructure, and hands-on programming (Java/.NET/Python/Node.js) to enable secure, reliable, and high-velocity releases.Key Responsibilities:1. Cloud Infrastructure Platform (AWS / Azure / GCP)
- Design and provision cloud resources:
- Compute, networking, storage, IAM
- Implement Infrastructure as Code using:
- Terraform, CloudFormation, ARM, Bicep
- Set up Kubernetes clusters:
- AKS, EKS, GKE
- Configure autoscaling, node pools, pod disruption budgets
- Implement secure networking:
- VNet/VPC, subnets, security groups
- Private endpoints, ingress/egress
- Manage:
- Secrets and KMS / Key Vault integration
- Least-privilege access controls
- Build and maintain CI/CD pipelines using:
- Azure DevOps, GitHub Actions, Jenkins, GitLab CI
- Implement deployment strategies:
- Blue-Green
- Canary
- Rolling deployments with rollback
- Integrate quality gates:
- Unit & integration tests
- SAST / DAST
- License scans
- Package and manage:
- Docker images
- Helm charts
- Versioning and SBOMs
- Design and develop microservices:
- REST / gRPC
- Event-driven architecture
- Containerize and orchestrate:
- Docker
- Kubernetes (Helm, Kustomize)
- Manage:
- Service discovery
- API Gateway
- Configuration and circuit breakers (Istio, Linkerd, Envoy)
- Implement resilience patterns:
- Retries, timeouts, bulkheads
- Idempotency and backpressure
- Build scalable and testable services using clean architecture and SOLID principles
- Write automated tests:
- Unit, contract, integration
- Implement:
- Observability (logs, metrics, traces)
- Feature flags
- Integrate with:
- Databases: PostgreSQL, MySQL, MongoDB, Redis
- Messaging: Kafka, RabbitMQ, Event Hubs
- Build REST/gRPC services
- Use Spring Cloud Config, Resilience4j, OpenFeign
- Maven/Gradle builds, JUnit, Mockito, RestAssured, OpenAPI/Swagger
- Use Pydantic models
- Async IO where appropriate
- pytest, tox, black, ruff
- Implement shift-left security:
- SAST / DAST
- Dependency and container scanning
- IaC scans
- Manage secrets:
- Key Vault, Secrets Manager, Vault
- Rotation policies
- Implement:
- OAuth2, OIDC, JWT, mTLS
- API security best practices
- Enforce policies:
- OPA, Gatekeeper, Kyverno
- Compliance tagging (CIS benchmarks)
- Support:
- Audit logging
- Data classification
- Encryption (at rest & in transit)
- Implement monitoring:
- Metrics, logs, traces
- Prometheus, Grafana
- CloudWatch, Cloud Logging, Azure Monitor, OpenTelemetry
- Define and track:
- SLIs / SLOs
- Alerts and on-call runbooks
- Perform:
- Incident response
- Root Cause Analysis (RCA)
- Error budget management
- Optimize:
- Performance (latency, throughput, CPU, memory)
- Cloud cost efficiency