About the Company
Our Mission:
Bluedrop was founded in Galway in 2015 with a very specific and critical mission: to predict and prevent one of the most devastating complications of diabetes, the diabetic foot ulcer, or DFU.
The Problem We're Solving:
To give you a sense of the scale, there are 60 million people with diabetes in Europe alone. DFUs are the leading cause of non-traumatic amputation globally. It's a life-altering condition—healing can take over a year, is associated with high rates of depression, and even after healing, there's a 70% chance of getting another ulcer within 5 years.
Our Solution:
We've developed a home-based monitoring system that looks just like a high-end bathroom scale. In a 30-second daily scan, it captures both thermal and photographic data from the patient's feet and sends it to the cloud.
About the Role
You’ll design, secure, and monitor our GCP-based infrastructure (GKE, Terraform, BigQuery, Pub/Sub, Cloud Storage, Cloud Functions for AI) and CI/CD pipelines (GitLab). You will also manage and audit user access across cloud and application environments to ensure full compliance with HIPAA/FDA requirements.
Responsibilities
Infrastructure as Code (Terraform):
Define secure GCP resources (projects, VPC, GKE, IAM, Cloud SQL, Pub/Sub, Artifact Registry, Secret Manager) with auditable change control.
Kubernetes (GKE):
Operate hardened clusters (RBAC, PodSecurity, network policies, private clusters), manage deployments/rollouts, and troubleshoot workloads.
Cloud Functions (AI workloads):
Automate deployment and monitoring of our AI cloud functions (Python-based inference & data processing), integrate with Pub/Sub, BigQuery, and downstream systems.
CI/CD (GitLab):
Build pipelines with security gates (image scanning, SBOM, SAST/DAST, provenance/signing), environment promotions, and controlled releases.
Security & Compliance:
Enforce HIPAA-like / FDA 21 CFR Part 11 controls (audit logs, least-privilege IAM, secret rotation).
Manage vulnerability scanning (containers, Terraform, dependencies).
Implement encryption in transit/at rest, key management (Cloud KMS).
Manage and audit user access:
Provision and de-provision user/service accounts.
Enforce least-privilege IAM roles and Kubernetes RBAC.
Ensure all access requests/changes are logged and auditable.
Support periodic access reviews and compliance reporting.
Monitoring & Observability:
Deploy Prometheus + Grafana for metrics, dashboards, and alerts. Integrate with Google Cloud Monitoring/Logging for audit logs, structured logs, and long-term retention. Define SLIs/SLOs for core services and AI functions; drive error budgets.
Data Platform Enablement:
Secure BigQuery with row-level security, enforce dataset IAM, and provide audit-friendly access patterns.
Incident Response & Reliability:
Own runbooks, on-call rotations, and post-mortems; design backup/restore, DR testing, and HA strategies.
Cost & Performance Optimization:
GKE autoscaling, BigQuery slot management, Cloud Functions scaling, and dashboards for spend visibility.
Qualifications
4+ years as DevOps/Platform/SRE in GCP production environments.
Strong Terraform and Kubernetes (GKE) experience.
Hands-on with deploying and managing Cloud Functions (Python).
Experience managing IAM accounts, groups, and audit logs in GCP and Kubernetes.
Familiarity with regulated/high-security environments (HIPAA, SOC2, ISO 13485).
Experience with Prometheus/Grafana/Loki/Alloy/Elastic Stack and Cloud Monitoring.
Strong GitLab CI/CD skills (multi-stage pipelines, scans, artifact signing, secure releases).
Comfortable scripting/automating in Python.
Preferred Skills
BigQuery operations (IAM, slot reservations, audit tables).
Security certifications (CISSP, GCP Professional Cloud Security Engineer).
Equal Opportunity Statement
We are committed to diversity and inclusivity.