Who Can Apply
- Candidates must be legally authorized to work in Canada
Job Description
Insight Global is hiring a specialized Cloud Platform Designer to lead the deployment and management of a critical third-party Anti-Money Laundering (AML) application. This role sits at the intersection of DevOps and Application Development Support, requiring deep expertise in orchestrating complex Java-based workloads on Azure Kubernetes Service (AKS).
You will be the technical owner for the application's infrastructure, responsible for containerizing, deploying, and tuning a stack built on JBoss EAP and PostgreSQL. Your work will directly support our AML Protection Team, ensuring high availability and strict security compliance for systems that monitor millions of daily transactions.
1. Azure Kubernetes Service (AKS) & Infrastructure
Cluster Management: Architect and manage secure AKS clusters, handling upgrades, node scaling, and networking (VNet integration, Azure CNI).
Deployment Automation: Design and maintain Helm charts to deploy the vendor’s JBoss-based application. Manage different environments (Dev, QA, Prod) using Helm values and versioning.
Ingress & Networking: Configure Azure Application Gateway (AGIC) or NGINX ingress controllers to securely expose AML services, managing WAF policies to protect against web vulnerabilities.
2. Application Runtimes (JBoss/Java)
JBoss Administration: Tune JBoss Enterprise Application Platform (EAP) configuration for containerized environments. Optimize heap sizes, garbage collection, and thread pools for high-throughput transaction processing.
Observability: Implement monitoring using Azure Monitor and Prometheus/Grafana to track JVM metrics (heap usage, active threads) and pod health.
3. Database Management (PostgreSQL)
Database Deployment: Manage PostgreSQL instances (either Azure Database for PostgreSQL or containerized HA clusters like Patroni/Crunchy Data) to support the application.
Performance Tuning: Analyze and optimize database performance, including connection pooling (PgBouncer), vacuum settings, and query analysis for high-volume AML datasets.
Resiliency: Design and test Backup/Restore procedures and Disaster Recovery (DR) strategies to ensure zero data loss.
4. Security & Compliance
Secrets Management: Eliminate hardcoded credentials by integrating Azure Key Vault with AKS (using CSI drivers or Workload Identity) to manage JBoss data sources and database passwords.
Network Security: Implement strict Network Policies within Kubernetes to isolate the AML workload and restrict pod-to-pod communication.
Compliance: Ensure the infrastructure meets banking regulatory standards (encryption at rest/transit, role-based access control, and audit logging).
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Experience supporting AML platforms – Name Screening (e.g. Actimize, Watch List Management etc.)
Knowledge of Azure Service Bus or Kafka for message handling.
Scripting proficiency in Bash or Python for automation tasks.
Worked closely with vendors to address any issue with Kubernetes containerized delivery options.
Excellent communication and negotiation skills.
Middleware: Deep knowledge of JBoss EAP, including configuration of data sources, JMS queues, and JVM performance tuning
Prior experience of handling new data sources for transformation/mapping work.
Prior knowledge of Storage – Azure Managed Disks and netApp for NFS storage. At TD we use PV-blob, file disk.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.