Ministry of Public and Business Service Delivery and Procurement
Description
Key Responsibilities
- Build and maintain automated CI/CD pipelines using tools such as Azure DevOps, Fastlane, BrowserStack, Codemagic etc., for mobile wallet and backend services, including signing, versioning, testing, and app store deployment workflows.
- Architect, deploy, and manage Azure cloud infrastructure and Kubernetes (AKS/OpenShift) clusters/workloads, ensuring reliability, scalability, and secure multi?environment operations.
- Build and manage containerized workloads using Docker/Podman, infrastructure?as?code with Terraform/Ansible, and secure integrations with relational databases and event?driven systems.
- Implement DevSecOps practices including SAST/DAST scanning, secrets management, certificate rotation, vulnerability remediation, and compliance with identity trust frameworks (PCTF, NIST, eIDAS) and organization cybersecurity policies.
- Conduct load testing, performance benchmarking, and continuous hardening of backend, wallet, and cloud components.
- Implement observability and logging stacks (Prometheus, Grafana, Azure Log Analytics) and integrate crash analytics tools (Crashlytics, App Center) to drive stability and reliability improvements.
- Collaborate with architects, developers, cybersecurity teams, and stakeholders to ensure cohesive delivery across wallet, agent, and platform components.
- Produce documentation such as deployment architectures, runbooks, procedures, and operational playbooks while mentoring engineers in cloud, Kubernetes, and DevOps best practices.
DevSecOps, CI/CD Automation & Engineering Quality – 35%
- Build, maintain, and optimize CI/CD pipelines using tools such as Azure DevOps, GitHub Actions, etc., for backend services, including automated testing, container builds, artifact management, and deployment approvals.
· Implement load-testing and performance benchmarking using tools such as Locust or JMeter to validate system scalability under peak credential issuance and verification loads.
- Enforce SDLC, code quality, and DevOps best practices—including code reviews, secure Integrate DevSecOps practices into all CI/CD workflows, embedding security scanning, SAST/DAST, secret detection, and container image scanning into pipelines.
- Experience with scripting languages like Python and Bash
- Manage secure configuration of infrastructure including TLS certificate rotation, secret management, encryption policies, network segmentation, and hardened OS baselines.
- Work with teams to implement identity and access management, privileged access controls, threat modeling, and continuous compliance monitoring.
- Conduct regular infrastructure hardening, patching, library updates, dependency audits, and vulnerability remediation cycles for wallet, agent, and backend components.
- Ensure alignment with digital identity trust frameworks (PCTF, NIST, eIDAS) and enterprise cybersecurity policies.
Cloud Architecture, Platform Engineering & Infrastructure-as-Code – 30%
· An expert in architecting, building, and maintaining Azure cloud infrastructure that supports the digital credential platform, ensuring high availability, resilience, and secure multi?environment deployments.
- Build and manage containerized workloads using Docker/Podman, applying secure image management, registry automation, and runtime hardening.
- Design and operate Kubernetes production clusters (AKS/OpenShift), including workload orchestration, scaling policies, RBAC, network rules, and automated failover.
- Develop and maintain infrastructure?as?code using Terraform, Ansible, and related tooling to ensure consistent, auditable, and automated environment provisioning.
- Support backend components interacting with relational databases (e.g., PostgreSQL, MySQL) through secure connections and optimized queries.
- Operate and integrate event?driven architectures, caching mechanism, job schedulers and asynchronous messaging systems.
- In-depth knowledge of Azure networking, VNETs, ingress controllers, firewalls, and identity integrations to support secure and compliant services.
- Proven experience designing modern architectural patterns to support delivery of complex IT solutions that are reliable, secure, responsive and scalable.
- Experience applying industry cloud and security standards and best practices to your work that can be adopted by others.
Observability, Monitoring & System Insights – 20%
- Implement and maintain observability stacks using Prometheus, Grafana, Azure Log Analytics, or equivalent tools, ensuring end?to?end visibility across services.
- Design and implement Application Performance Monitoring (APM) to gain visibility into production workloads deployed in the cloud.
· Define dashboards, alerting rules, incident playbooks, SLIs/SLOs, and health checks to support high?availability identity workloads.
- Conduct root?cause analysis and drive long?term reliability improvements across cloud, container, and other infrastructure components.
Collaboration, Documentation & Agile Delivery – 10%
- Work closely with architects, developers, automation engineers, cybersecurity teams, and enterprise stakeholders to ensure cohesive solution delivery.
- Produce and maintain documentation including diagrams, deployment architectures, operational runbooks, method of procedures, and troubleshooting playbooks.
- Participate in Agile ceremonies and contribute to planning, release coordination, and cross?team technical alignment.
- Mentor team members in cloud engineering, DevOps automation, Kubernetes operations, and secure deployment practices.
Digital Credentials and Trust Services – 5%
- Demonstrated experienced with implementing (deployment and configuration) open-source OpenWallet Foundation products, including ACA-Py and its plugins.
- Has demonstrated understanding and experience with operating and supporting a digital credentials platform in a enterprise cloud based deployment.
- Has experience working with related Open-Source community.
Closing Date/Time: 2026-02-06, 12:00 p.m. EST
Max submission: 1 (one)
5 days onsite
Must Have:
Please focus on the bolded technologies in the Experience and skill set requirements.
