DevOps Engineer
Job description
Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations unlock the value of technology and build a more sustainable, more inclusive world.Job DescriptionGoogle Cloud IAM (Terraform / GitHub Actions / Python / X.509)
We are seeking a Google Cloud IAM DevOps Engineer with strong expertise in Identity and Access Management automation on Google Cloud Platform GCP. This role focuses on building secure and scalable IAM architectures automating identity lifecycle management and implementing certificate based authentication using X509 certificates.
The ideal candidate will have experience building IAM automation using Terraform GitHub Actions Python and Shell scripting while implementing enterprise grade identity federation and certificate management solutions.Key Responsibilities:
Google Cloud IAM Engineering
Design and implement secure IAM architectures on Google Cloud
Manage IAM roles policies and permissions using least privilege principles
Create and maintain Service Accounts and Service Account key policies
Implement Workload Identity Pools and Providers for external workloads accessing GCP securely
Implement Workforce Identity Federation to allow enterprise workforce authentication without service account keysX509 Certificate Identity Management:
Design and manage X509 certificate based authentication systems for workloads and external integrations
Implement certificate lifecycle management including issuance rotation and revocation
Automate certificate provisioning and renewal processes
Integrate certificate authentication with identity federation and secure workload authenticationInfrastructure as Code DevOps:
Develop reusable Terraform modules to automate IAM and identity federation infrastructure
Implement GitHub Actions pipelines to deploy and manage IAM configurations
Maintain automated pipelines for IAM resource provisioningAutomation Scripting:
Develop automation tools using
Python
Shell scripting
Use scripting to automate
IAM role audits
Service account lifecycle management
Certificate provisioning and rotationRequired Skills:
Google CloudStrong hands on experience with:
Google Cloud IAM
Service Accounts
Workload Identity Pools
Workload Identity Federation
Workforce Identity Federation
DevOps Infrastructure as Code
Terraform
Module development
IAM resource automation
Infrastructure lifecycle management
GitHub Actions
CICD pipeline creation
Infrastructure deployment automation
Programming Automation
Python
Shell scripting Bash
Security Identity
Identity federation OIDC SAML
X509 certificate management
Certificate lifecycle management
Secure authentication architectures
Least privilege access modelsPreferred Qualifications:
Experience integrating with enterprise identity providers Okta Azure AD Ping etc
Familiarity with PKI infrastructure and certificate authorities
Experience building IAM automation platforms at enterprise scale
Experience implementing certificate based workload authentication
Enterprise scale Google Cloud IAM automation
Identity federation platforms
X509 certificate based authentication solutions
Secure CICD pipelines for cloud identity provisioning
Infrastructure as Code driven IAM governanceThe base compensation range for this role in the posted location is: 90,000 - 93,129.Capgemini provides compensation range information in accordance with applicable national, state, provincial, and local pay transparency laws. The base compensation range listed for this position reflects the minimum and maximum target compensation Capgemini, in good faith, believes it may pay for the role at the time of this posting. This range may be subject to change as permitted by law.The actual compensation offered to any candidate may fall outside of the posted range and will be determined based on multiple factors legally permitted in the applicable jurisdiction.These may include, but are not limited to: Geographic location, Education and qualifications, Certifications and licenses, Relevant experience and skills, Seniority and performance, Market and business consideration, Internal pay equity.It is not typical for candidates to be hired at or near the top of the posted compensation range.In addition to base salary, this role may be eligible for additional compensation such as variable incentives, bonuses, or commissions, depending on the position and applicable laws.Capgemini offers a comprehensive, non-negotiable benefits package to all regular, full-time employees.
In the U.S. and Canada, available benefits are determined by local policy and eligibility and may include:
- Paid time off based on employee grade (A-F), defined by policy: Vacation: 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave
- Medical, dental, and vision coverage (or provincial healthcare coordination in Canada)
- Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)
- Life and disability insurance
- Employee assistance programs
- Other benefits as provided by local policy and eligibility
We value the rich cultural heritage and contributions of Indigenous Peoples and actively work to create a welcoming and respectful environment. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed.
Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodation does not pose an undue hardship. Capgemini is committed to providing reasonable accommodation during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.Click the following link for more information on your rights as an Applicant in the United States.Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society.
It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.Ref. code: 437648Posted on: Mar 16, 2026Experience Level: Experienced ProfessionalsContract Type: PermanentLocation:Montreal, CABrand: CapgeminiProfessional Community: Software Engineering
Capgemini
¿Te interesa este puesto?