RQ07971:DevOPS/Cloud Engineer

Description

The SADIE-EMR integration Minimum Viable Product (MVP) release has been identified as a critical component of the Patients Before Paperwork (Pb4P) program.

This initiative, a collaborative effort between Ontario Health, the Ministry of Health (Digital & Analytics Strategy Division, Health Programs & Delivery Division, Health Services I&IT Cluster), and OntarioMD, aims to optimize administrative processes for prescribers across the province.

The integration will enhance the current SADIE platform by leveraging existing provincial digital assets such as ONE ID, Viewlet Framework, Context Management System, ONE Access Toolbar, ONE Access Provider Gateway, and Health Report Manager (HRM).

Responsibilities :

• Assess frameworks, platforms, and tech stacks to assist in creating robust cloud-based solutions across public, private, hybrid, and on-premises cloud environments.
• Design, build, and support cloud environments to facilitate digital transformation and modernization.
• Monitor and assess the performance of applications in public, private, hybrid, and on-premises cloud environments to ensure solutions are optimized and secure.
• Identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues.
• Create, test, and implement safeguards to maintain data integrity and protect against unauthorized access.

General Skills :

• Extensive experience with ArgoCD, Tekton, Jenkins, Azure DevOps, and GitOps for continuous integration and continuous deployment pipelines.
• Proficient in managing PKI certificates, SSL / TLS encryption, and securing HTTP / S protocols, with a strong understanding of DNS management, VPNs, firewall rules, and load balancing across WAN, LAN, and public and private networks.
• Strong knowledge of Identity and Access Management (IAM) including JWT, SAML, OpenID Connect , and OAuth 2.0 , with experience managing API secrets and keys using tools such as Secrets Store CSI Driver and Azure Key Vault.
• Hands-on experience with Kubernetes, RedHat OpenShift, Azure Container Registry, OpenShift Image Registry, and container security tools such as Trivy and Podman.
• Proficient in managing containerized environments using Nexus, Maven, and npm.
• Expertise in setting up and managing logging, monitoring, and alerting systems using Grafana, Kibana, fluentd, Elasticsearch, Logstash, and Watchers.
• Proficient in working with RESTful APIs, Gravitee.io , IBM API Connect, and ensuring connectivity with external web services, APIs, and databases such as Oracle, eFax, and DataPower.
• Deep understanding of networking concepts including TCP / IP, DNS, and SSL / TLS.
• Expertise in resource and performance optimization across cloud and on-premises environments.
• Experience with Kafka, Strimzi, Redis, and Nexus for middleware and integration services.
• Skilled in using DependencyTrack, SonarQube, ClamAV, and other tools for code quality and security scanning.
• Proficient in working with JSON, XML, and tools like SoapUI.
• Ability to troubleshoot connectivity issues, certificate issues, user access issues, error logs, and production incidents within SLAs, including experience in creating and managing support tickets and coordinating with support teams.
• Strong knowledge of directory services and access management, including Active Directory and LDAP.
• Familiarity with frameworks and libraries such as Spring Boot, Angular, ExpressJS, openthtmltopdf, Freemarker, and Drools.
• Experience with SMTP relay configurations.

Desirable Skills :

• Familiarity with HL7 FHIR and HAPI FHIR / SmileCDR for healthcare data integration.
• Experience working with Ontario Healths ONE ID for secure access in healthcare environments.
• Experience with OntarioMDs Health Report Manager (HRM) infrastructure, specifically in managing and optimizing HRM-related data transmission pipelines.
• Experience working in the public sector.

NOTE

Extension / Amendment Attestation : Extension(s) only allowed using unused days / funds left on contract. No additional funds will be added beyond the maximum contract value and any extension options included in the original SOW.

Assignment Type : This position is currently listed as Hybrid as consultants will be required to work onsite at the work location 2 days a week and 3 days from home.

SkillsExperience and Skill Set Requirements

Public Sector Experience

Demonstrated experience implementing and supporting cloud environments within public sector organizations, ensuring compliance with government standards and policies.

• Proven ability to navigate public sector IT project approval processes and deliver solutions that meet specific regulatory and security requirements.
• Experience working on large-scale public sector projects, contributing to the successful deployment and management of cloud infrastructure and services.

Strong understanding of public sector enterprise architecture, with the ability to produce and maintain technical documentation that aligns with government protocols.

Technical Skills

Proficient in managing and securing cloud environments across public, private, hybrid, and on-premises infrastructures, including strong expertise in PKI certificates, SSL / TLS encryption, and securing HTTP / S protocols.

• Extensive experience in managing containerized environments using tools such as Kubernetes, RedHat OpenShift, Docker, Podman, Nexus, Maven, and npm, with a focus on maintaining container security and efficiency.
• Advanced skills in setting up, managing, and monitoring logging, alerting, and performance tracking systems using tools like Grafana, Kibana, Elasticsearch, Logstash, fluentd, and Watchers.
• Strong technical knowledge of networking, including TCP / IP, DNS, VPNs, firewall rules, and load balancing across WAN, LAN, and public / private networks, with the ability to troubleshoot and optimize network configurations.
• Experience in working with middleware and integration services such as Kafka, Strimzi, Redis, and ensuring connectivity with external web services, APIs, and databases like Oracle and DataPower.

Proficient in Identity and Access Management (IAM) frameworks, including managing API secrets and keys using Secrets Store CSI Driver and Azure Key Vault, and implementing solutions with JWT, SAML, OpenID Connect, and OAuth 2.0.

DevOps Experience

5+ years experience in designing, building, and maintaining CI / CD pipelines using tools such as ArgoCD, Tekton, Jenkins, Azure DevOps, and GitOps, with a focus on automating continuous integration and deployment of cloud-based systems.

• 5+ years with proven ability to assess frameworks, platforms, and technology stacks to create robust, scalable, and secure cloud-based solutions, supporting digital transformation and modernization efforts.
• 10+ years experience in monitoring and optimizing the performance of applications across non-production and production environments including identifying and resolving infrastructure vulnerabilities and deployment issues.
• 10+ years demonstrated expertise in implementing security safeguards to maintain data integrity and protect against unauthorized access, with hands-on experience in creating, testing, and deploying these solutions.
• 10+ years of skilled in troubleshooting and resolving issues related to infrastructure, deployment, connectivity, and security within cloud environments, with a strong track record of maintaining service level agreements (SLAs) and coordinating with support teams.

5+ years experience in resource and performance optimization across cloud environments, ensuring that solutions are efficient, scalable, and aligned with organizational goals.

Communication Skills

Clearly communicates complex cloud and DevOps concepts to both technical and non-technical stakeholders, using strong presentation skills to convey information, options, and recommendations effectively.

• Demonstrates expertise in writing and editing technical documentation, including configuration guides, run books, and specification documents, ensuring clarity and usability for diverse audiences.
• Effectively collaborates with cross-functional teams, leveraging interpersonal and negotiation skills to resolve issues and create a productive work environment, particularly in 24x7 critical environments.

Proactively engages in team discussions, conducting research and assessments to address technical design issues while maintaining alignment with DevOps and Agile principles.

Supplier Comments

Closing Date - 2024-10-29, 9 : 30 a.m

Maximum Number of Submissions - one (1)

Hybrid - Candidate MUST be able to work 3 days onsite and 2 days remote

MUST HAVES :

Extensive experience in managing containerized environments using tools such as Kubernetes, RedHat OpenShift, Docker, Podman, Nexus, Maven, and npm, with a focus on maintaining container security and efficiency.

Proficient in Identity and Access Management (IAM) frameworks, including managing API secrets and keys using Secrets Store CSI Driver and Azure Key Vault, and implementing solutions with JWT, SAML, OpenID Connect, and OAuth 2.0.

Advanced skills in setting up, managing, and monitoring logging, alerting, and performance tracking systems using tools like Grafana, Kibana, Elasticsearch, Logstash, fluentd, and Watchers.

Nice to have

• Experience working with Ontario Healths ONE ID for secure access in healthcare environments.
• Experience with OntarioMDs Health Report Manager (HRM) infrastructure, specifically in managing and optimizing HRM-related data transmission pipelines.
Il y a 17 heures