Sr. Cloud Platform Engineer
Posted 2026-06-26Canada External Job Ad
Amazing Career Moments Happen Here
The best work happens when smart people move fast, together. At Applied, we’ve spent 40+ years building technology that solves real problems for insurance professionals, and we’re not slowing down. We’re pushing what’s possible in Insurtech and doing it inside a culture built on trust, inclusion, and growth.
The Role at a Glance
Role: Senior Cloud Platform Engineer
Team: Corporate IT
Location: Remote
Opportunity for Impact
We’re looking for a Senior Cloud Platform Engineer to join our Corporate IT and make a real difference for the people who depend on our products every day. This role owns our cloud platform across Azure (primary) and Google Cloud Platform (GCP), with strong preferred experience in AWS. You will design, build, and operate cloud-native infrastructure at enterprise scale — including landing zone automation, Kubernetes platforms, secrets management, hybrid networking, and application delivery pipelines. If you thrive in a fast-paced, collaborative environment and are passionate about driving business outcomes through cloud excellence and AI-augmented engineering, we want to hear from you
What You’ll Do
Cloud Infrastructure & Architecture
Design, build, and maintain scalable, secure, and highly available environments across Azure (primary) and GCP, with working knowledge of AWS
Own landing zone design and automation for both Azure and GCP — including organization hierarchy, resource naming standards, IAM governance, and policy enforcement
Design and operate production-grade Kubernetes environments (AKS and GKE) including multi-tenant cluster strategies, workload identity, pod security standards, autoscaling, resiliency, cost optimization, and Helm-based application deployment
Build and operate the GCP Project Factory for standardized, automated provisioning of GCP projects, IAM bindings, service accounts, and GitLab integration
Define and enforce cloud resource naming conventions, project labeling standards, and organizational tagging policies aligned with FinOps and cost allocation requirements
Infrastructure as Code & Automation
Develop and maintain Terraform modules for Azure and GCP resource provisioning (AWS IaC a plus), ensuring reusable, version-controlled infrastructure
Build and manage CI/CD pipelines (GitLab CI, Azure DevOps, Cloud Build, or equivalent) for automated infrastructure and application deployment, including container build, Artifact Registry publishing, and Cloud Run / GKE delivery patterns
Own and evolve the Ansible AWX automation platform (currently running on AKS) — develop and maintain playbooks and roles to automate system configuration, application setup, and operational workflows
Administer and evolve the CloudBolt Cloud Management Platform (CMP) for multi-cloud resource provisioning, governance, cost visibility, and self-service workflows
Develop automation scripts using Python, Bash, or PowerShell to streamline operational tasks
Leverage AI tools including Claude to accelerate Infrastructure as Code development, runbook creation, and documentation — and help the broader team adopt these workflows effectively
Operations & Reliability
Implement and manage monitoring, alerting, and observability solutions using Google Cloud Monitoring, Azure Monitor, Cloud Logging, SigNoz, and DataDog
Develop and maintain runbooks and playbooks to guide incident response; perform root cause analysis (RCA) and document findings
Respond to escalated infrastructure service desk tickets and resolve complex cloud-related issues
Security & Compliance
Design, operate, and secure enterprise-grade secrets management using HashiCorp Vault across cloud and hybrid environments, including Vault role management and CI/CD pipeline integration
Implement and enforce cloud security controls across Azure (Managed Identity, Private Endpoints, NSG) and GCP (VPC Service Controls, Workload Identity, Binary Authorization, Secret Manager), including workforce and workload identity federation with external IdPs
Partner with the Information Security organization to identify, prioritize, and remediate cloud security vulnerabilities
Hybrid Connectivity
Design and maintain hybrid network connectivity between Azure and GCP, including VPN tunnels, FMC/FTD integration, and cross-cloud routing
Design and implement hub-spoke network topologies with multi-region CIDR schemas supporting phased regional expansion
Assist network design including VPC architecture, Shared VPC, Cloud Interconnect, Cloud NAT, and firewall policy management across both platforms
Disaster Recovery & Business Continuity
Define and implement disaster recovery strategies for cloud-hosted workloads across Azure and GCP
Conduct periodic DR drills and document recovery time/point objectives (RTO/RPO)
Collaboration & Documentation
Create and maintain thorough infrastructure documentation, architecture diagrams, and operational guides — owning the cloud knowledge base for the team
Collaborate cross-functionally with application teams, security, DevOps, and leadership to align infrastructure with business goals
Mentor engineers and promote cloud best practices across the team
What We’re Looking For
If this role sounds like the right next move, we’d love to hear from you. You might bring:
High School diploma required; BA/BS degree in Computer Science, Information Technology, or related field preferred
7+ years of experience as a senior engineer in a mid-to-large-scale enterprise environment
4+ years of hands-on, production-grade experience with Azure at enterprise scale (required)
3+ years of hands-on, production-grade experience with Google Cloud Platform (required)
AWS experience strongly preferred; candidates with deep Azure + GCP and meaningful AWS exposure will be prioritized
Cloud Platforms
Platforms are listed in priority order:
Azure (Primary): AKS, Azure Networking (vHub, NSG, App Gateway, Private Endpoints, VPN), Landing Zone automation, Azure DevOps/GitLab CI, Terraform IaC, SPN/Managed Identity, Azure Storage
Google Cloud Platform (Secondary): GKE, Cloud Run, Cloud SQL, BigQuery, VPC, IAM, Artifact Registry, Cloud Monitoring, Vertex AI
AWS (Strongly Preferred): Core services familiarity (EC2, EKS, VPC, IAM, S3); ability to operate or support AWS workloads alongside Azure/GCP
Technical Skills — Required
Terraform: Production IaC modules for Azure and GCP (AWS IaC a plus)
CI/CD: GitLab CI, Azure DevOps, Cloud Build, or Jenkins
Kubernetes: AKS and/or GKE at production scale — multi-tenant clusters, Helm, workload identity, pod security
HashiCorp Vault: Enterprise secrets management, Vault role administration, CI/CD pipeline integration
Ansible / AWX: Playbook development and AWX automation platform operation
Scripting & Automation: Python and/or Bash for infrastructure automation
Networking: VPC design, BGP, DNS, load balancing, hub-spoke topologies, and hybrid connectivity
IAM & Security: Org policies, Managed Identity, Workload Identity Federation, VPC Service Controls, workforce identity federation with external IdPs
Monitoring & Observability: Google Cloud Monitoring, Azure Monitor, Cloud Logging, DataDog, and/or SigNoz
Bonus points if you also have:
AWS certifications or hands-on project experience
Azure certifications (AZ-104, AZ-305) or GCP Professional Certifications (Cloud Architect, Cloud DevOps Engineer)
Linux system administration
Kubernetes advanced operations (Autopilot, multi-cluster, service mesh)
CloudBolt CMP: cloud management platforms for multi-cloud governance, FinOps reporting, and self-service provisioning
Tines or similar workflow automation platforms
BigQuery and data platform support experience
Experience with API-driven automation (Google APIs, Microsoft Graph, Jira, Okta)
Data center migration experience
Talent shows up in a lot of different ways, and we mean that. We welcome candidates from all backgrounds and experience levels, including military members and their spouses and those without a traditional degree or tech background. If this role speaks to you, apply.
Why You’ll Like Working Here
Our people-first culture means you’re seen, supported, and set up to grow. We work across flexible models because we trust our teams to deliver, not just show up. You’ll collaborate with people who care about the work and each other, and you’ll have leaders who are invested in where you’re headed.
How We’ll Support You
We invest in the whole person, not just the role. Our benefits and resources are built to support your health, your time, and your life outside of work:
Medical, Dental, and Vision Coverage
Holiday and Vacation Time
Health & Wellness Days
A Bonus Day for Your Birthday
Compensation Transparency
The total anticipated annual compensation range for this newly created position is $110K- $160K CAD per year, which includes starting base salary and, where applicable, variable or incentive pay. To determine a new team member’s starting pay, we consider a variety of factors, including someone’s depth, breadth, and variety of experience, skills, and responsibilities.
This position requires the employee to reside and work from one of the following provinces: Alberta, British Columbia, Manitoba, New Brunswick, Newfoundland and Labrador, Nova Scotia, Ontario, PEI, Saskatchewan.
Your Security Matters: Our candidates’ personal information and online safety are top of mind. Applied communicates with candidates only via a secure @appliedsystems.com email address or through our official careers portal. Recruiters will never request payments or ask for financial account or sensitive personal information like Social Security numbers.
AI Utilization
We leverage AI tools to streamline parts of our recruitment workflow (such as resume parsing and interview scheduling). However, candidate screening, interviews, and final decisions are always conducted by real humans.
EEO Statement
Applied Systems is proud to be an Equal Employment Opportunity Employer. Diversity and Inclusion is a business imperative and is a part of building our brand and reputation. At Applied, we don’t discriminate, and we are committed to recruit, develop, retain, and promote regardless of race, religion, color, national origin, sexual orientation, gender identity, disability, age, veteran status, and other protected status as required by applicable law.
#LI-Remote#LI-CA