Google APIGEE Architect - RQ01857

Duration: 6 months

Location: Remote

Summary:

We are seeking an experienced Google Hybrid architecture expert to help define deployment models and platform configurations for a customer’s Apigee instance. The customer intends to host Apigee on Microsoft Azure K8s.

Role Deliverables

• Discovery & Assessment
• Conduct a comprehensive review of existing Apigee Hybrid deployment on Google Distributed Cloud (GDC).
• Identify reusable components and patterns for migration to Azure Kubernetes Service (AKS).
• Assess Azure environment readiness, including network topology, firewall rules, DNS, and identity/access configurations.
• Evaluate tooling preferences for CI/CD, secrets management, monitoring, and logging.
• Architecture Design & Planning
• Design or enhance high-level architecture for Apigee on AKS, ensuring scalability, high availability, and multi-region deployment.
• Define integration of PID/DER requirements and API security policies (OAuth 2.0, mTLS, etc.).
• Plan for observability: audit logging, monitoring, and incident response aligned with enterprise standards.
• Security & Compliance
• Review and refine RBAC policies and Azure AD integration.
• Align architecture with Firms internal CPOP standards and data protection policies.
• Validate encryption and security compliance across the platform.
• Infrastructure Setup
• Provision and configure AKS clusters and networking components (VNETs, subnets, NSGs, firewalls, load balancers).
• Install and configure Apigee Hybrid control and runtime planes.
• Set up Workload Identity Federation (WIF) for secure authentication to Google Cloud APIs.
• DevOps & CI/CD Integration
• Leverage or adapt existing CI/CD pipelines for Apigee platform configuration and proxy deployment.
• Integrate with preferred CI-CD tools (e.g., Azure DevOps, Terraform, Helm)
• Good Understanding of Terraform and Helm charts are needed.
• Testing & Validation
• Conduct functional, performance, and security testing of the deployed sandbox environment.
• Ensure platform readiness for go-live with validated configurations.
• Documentation & Knowledge Transfer
• Deliver comprehensive architecture diagrams, strategic recommendations, and deployment documentation.
• Conduct knowledge transfer (KT) sessions with platform and support teams.

Education/Work Experience

• Bachelor’s degree in computer science or engineering or equivalent
• 10+ years delivering enterprise-scale solutions across hybrid and multi-cloud environments
• Google certified professional Cloud Architect
• APIGEE Hybrid
• Microsoft Azure certified Cloud Architect

Technical Skills

• Cloud Platforms: Azure (AKS) - Must have, Google Cloud (GKE), AWS (EKS),
• API Management: APIGEE Hybrid/X, APIGEE Runtime Components/Control Plane
• Security: Workload Identity Federation (WIF), App Gateway WAF, NSG, Firewall
• IAM- PingFed, Exp with Custom RBAC creation
• Infrastructure: Kubernetes, Docker, Istio, Cluster- Node Pool Design, Hub-Spoke Networking,
• VNet Peering, Private Endpoints, CIDR, Networking knowledge
• Terraform, Helm, Azure DevOps