What are the responsibilities and job description for the Lead SRE & Edge Architect position at capgemini?
We are seeking a high-caliber Lead SRE & Edge Architect to serve as the Sole Custodian of our Integrated Intelligence Ops Ecosystem. This role is critical for bridging the gap between physical hardware security and high-velocity, cloud-native application delivery within a Google Distributed Cloud (GDC) Connected environment.
You will lead the orchestration of hybrid workloads (VMs and Containers) and pioneer a Zero-Trust security posture at the edge. This is a ""Full-Stack Infrastructure"" role, where your responsibility begins at the physical intrusion sensor on the rack and extends to the AIOps-driven self-healing of application workloads.
Key Responsibilities:
Section 1: Scope of Work (SOW)
Ecosystem Custodianship: Design, deploy, and maintain the bridge between physical hardware security and GDC-native application delivery.
Hybrid Orchestration: Lead the deployment of VM Runtime on GDC and Symcloud Storage, enabling the co-existence of legacy VM workloads and modern microservices.
Zero-Trust Engineering: Establish and maintain a ""Zero-Trust"" architecture using MASQUE/TLS tunnels, per-machine certificates, and hardware-level encryption.
Full-Lifecycle Ownership: Responsible for the entire stack: from monitoring Physical Intrusion Sensors in the rack to implementing AIOps for workload self-healing.
Connectivity Management: Ensure seamless and secure GDC-to-GCP communication while maintaining 99.99% uptime for disconnected/local-first operations.
Mandatory skills:
Cloud-Native & DevOps Orchestration
Orchestration: Expert-level mastery of Kubernetes (K8s) and Docker for large-scale distributed systems.
Infrastructure as Code (IaC): Advanced automation using Terraform (GCP/GDC resources) and Ansible (Bare Metal OS configuration).
CI/CD & Packaging: Engineering complex Helm Charts and managing pipelines via GitHub Actions, GitLab CI, and Jenkins.
Networking: Implementing NGINX Load Balancer as a Service and integrating with the Distributed Cloud Edge Network API.
Observability & Intelligence Ops:
The ""Gold Standard"" Stack: Hands-on implementation of Prometheus (metrics), Grafana (visualization), and Open Telemetry (OTEL) for distributed tracing.
AIOps & Self-Healing: Proven ability to build closed-loop remediation using Vertex AI to analyze OTEL traces and trigger automated Google Cloud CLI/API scripts.
Storage & Virtualization:
Storage Architecture: Designing software-defined storage using Symcloud Storage and local persistent volumes.
VM Runtime: Deep experience orchestrating legacy VMs alongside containers within a single GDC control plane.
Section 3: Mandatory Security & Hardware Integrity:
Hardware Defense: Knowledge of Physical Intrusion Sensors, Port Lockdown strategies, and Platform Certificates.
Root of Trust: Managing Trusted Platform Module (TPM) integrations and LUKS for data-at-rest protection.
Encryption: Implementation of Self-Encrypting Disks (SED) and Cloud KMS for Customer Managed Encryption Keys (CMEK).
Secure Tunnels: Engineering MASQUE tunnels or TLS-wrapped connections using per-machine certificates.
Section 4: Compliance & Operational Governance:
IAM Governance: Expert knowledge of Distributed Cloud Edge Container API roles and least-privilege access enforcement.
Resiliency: Implementation of Availability Best Practices (Region/Zone/Rack awareness) for disconnected state reliability.
Strategic Liaison: Act as the primary technical point of contact for Google-certified System Integrators (SI) to ensure hardware meets GDC specifications.
Preferred Qualifications:
Google Cloud Professional Cloud Architect or Professional Data Engineer certification.
Experience in highly regulated sectors (Defense, Telco, Banking, or Healthcare).
Strong background in Linux Kernel tuning and Bare Metal performance optimization.
The pay range that the employer in good faith reasonably expects to pay for this position is $36.98/hour - $57.79/hour. Our benefits include medical, dental, vision and retirement benefits. Applications will be accepted on an ongoing basis.
Tundra Technical Solutions is among North America’s leading providers of Staffing and Consulting Services. Our success and our clients’ success are built on a foundation of service excellence. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Unincorporated LA County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: client provided property, including hardware (both of which may include data) entrusted to you from theft, loss or damage; return all portable client computer hardware in your possession (including the data contained therein) upon completion of the assignment, and; maintain the confidentiality of client proprietary, confidential, or non-public information. In addition, job duties require access to secure and protected client information technology systems and related data security obligations.
Salary : $37 - $58