Job Title: Sr. DevOps Engineer
Location: Montreal, QC (4x onsite a week)
Employment Type: Contract
Pay Rate: CAD$50 - $60/HR INC
Interview Type: Face 2 Face (Onsite Interview Only)
Job Description
We are seeking a Google Cloud IAM DevOps Engineer with strong expertise in Identity and Access Management automation on Google Cloud Platform GCP This role focuses on building secure and scalable IAM architectures automating identity lifecycle management and implementing certificate based authentication using X509 certificates
The ideal candidate will have experience building IAM automation using Terraform GitHub Actions Python and Shell scripting while implementing enterprise grade identity federation and certificate management solutions
Key Responsibilities
Google Cloud IAM Engineering
Design and implement secure IAM architectures on Google Cloud
Manage IAM roles policies and permissions using least privilege principles
Create and maintain Service Accounts and Service Account key policies
Implement Workload Identity Pools and Providers for external workloads accessing GCP securely
Implement Workforce Identity Federation to allow enterprise workforce authentication without service account keys
X509 Certificate Identity Management
Design and manage X509 certificate based authentication systems for workloads and external integrations
Implement certificate lifecycle management including issuance rotation and revocation
Automate certificate provisioning and renewal processes
Integrate certificate authentication with identity federation and secure workload authentication
Infrastructure as Code DevOps
Develop reusable Terraform modules to automate IAM and identity federation infrastructure
Implement GitHub Actions pipelines to deploy and manage IAM configurations
Maintain automated pipelines for IAM resource provisioning
Automation Scripting
Develop automation tools using
Python
Shell scripting
Use scripting to automate
IAM role audits
Service account lifecycle management
Certificate provisioning and rotation
Required Skills
Google Cloud
Strong hands on experience with
-
Google Cloud IAM
-
Service Accounts
-
Workload Identity Pools
-
Workload Identity Federation
-
Workforce Identity Federation
DevOps Infrastructure as Code
Terraform
-
Module development
-
IAM resource automation
-
Infrastructure lifecycle management
GitHub Actions
-
CICD pipeline creation
-
Infrastructure deployment automation
Programming Automation
-
Python
-
Shell scripting Bash
-
Security Identity
-
Identity federation OIDC SAML
-
X509 certificate management
-
Certificate lifecycle management
-
Secure authentication architectures
-
Least privilege access models
Preferred Qualifications
Experience integrating with enterprise identity providers Okta Azure AD Ping etc.
Familiarity with PKI infrastructure and certificate authorities
Experience building IAM automation platforms at enterprise scale
Experience implementing certificate based workload authentication
Disclaimer: AI tools may assist in the recruitment process; however, all hiring decisions are made by the recruitment team based on a comprehensive evaluation of candidates.