At ConvergentIS, we have a spark — a code, a way we work, a way we behave — and it's the core of our team's success. It's more than a value statement: it's our culture. Our spark means:

• Performing exceptionally and achieving high standards at every opportunity

• Enabling our customers and our team members

• Being flexible and innovative

• Maintaining strong alignment with our goals and values

We are a technology company headquartered in Calgary that strongly focuses on enhancing the user experience on enterprise systems. In business since 2002.

Our Rio platform powers design-first, cloud-native solutions for enterprise clients. We are building a dedicated reliability team to safeguard performance, security, and customer trust while feature teams continue to innovate. If you thrive on measurable uptime, blameless culture, and automation-heavy quality engineering, we’d like to meet you.

Role summary

Take ownership of the end-to-end architecture and fortification of a multi-account AWS platform, focusing on security, EKS, and data layers, while establishing and validating SOC 2 controls. Design reference architectures, codify them as IaC, and lead the remediation roadmap to ensure our platform is secure, scalable, and audit-ready.

Key responsibilities

• Platform Architecture: - Handle AWS landing zone (Organizations/Control Tower, SCPs), VPC/networking, CloudFront/ALB/NLB, Transit Gateway/Lattice, private ingress/egress.

• Kubernetes/EKS – Secure clusters (IRSA, RBAC, Pod Security Standards, network policies), manage autoscaling, multi-AZ/upgrade strategy, GitOps (Argo CD/Flux), and supply-chain security (image signing, provenance/SBOM).

• Security & Compliance – Implement CIS AWS & EKS benchmarks, AWS FSBP, KMS envelope encryption, Secrets Manager/Parameter Store, GuardDuty/Security Hub/Config/Detective, WAF/Shield, least-privilege IAM (prefer ABAC).

• Data Layer – Manage central logging (CloudWatch/OpenSearch), metrics/tracing (Prometheus/Grafana/X-Ray), SLOs/error budgets, incident runbooks, DR/chaos drills.

• CI/CD & IaC – Develop Terraform modules with guardrails, OPA/Conftest policy checks, Trivy/ECR scanning, SAST/DAST, SBOMs.

• SOC 2 Enablement – Map controls, automate evidence, close gaps for change/access/logging/vuln mgmt/BCP-DR, maintain auditor-ready documentation

• Cost Governance - Implement tagging, budgets/alerts, right-sizing, Savings Plans/RIs.

• Backlog & Milestones – Oversee the platform/security backlog, prioritize work, define clear milestones/KPIs, and deliver regular progress reports to leadership and auditors

• Limited on-call 24x7 support on rotation to support the platform's high-severity incidents.

Qualifications:

• 6–10+ years of experience designing on AWS at scale, with production EKS expertise.
• Proven experience in implementing and maintaining SOC 2 (Type I/II) in cloud environments.
• Strong IAM design, network segmentation, and encryption in transit/at rest.
• Production experience with RDS/Aurora (Postgres preferred) and disaster-recovery drills.
• Expertise in Terraform (or CDK), GitOps, and container security practices.
• Excellent documentation and stakeholder communication skills. Strong prioritization and backlog management capabilities; able to set, achieve, and report on key milestones independently (Agile roadmapping/sprint planning/reviews).

What we offer

• Influence in technical decisions from day one.

• Clear growth path

• Flexible hybrid work environment (Calgary HQ or remote within Canada).

• Competitive salary and benefits package.

How to apply

Email your résumé (PDF) and a brief cover note to careers@convergentis.com with the subject.

You must be legally entitled to work in Canada. ConvergentIS is an equal-opportunity employer committed to diversity and inclusion.

Additional open positions can be found at www.convergentis.com/careers