*****Please note that the candidates / Consultants should be on our W2 for this job********

1. Engagement Overview

Our healthcare client is executing a strategic, enterprise-scale initiative to design, deploy, stabilize, and operationalize an Apigee Hybrid multi-cloud API gateway platform across Google Cloud Platform (Google Cloud Platform), Microsoft Azure (AKS), and on-premises data centers. This engagement is explicitly coupled with a parallel Akamai edge routing and security implementation; all Apigee Hybrid infrastructure deliverables must align to, support, and meet the Akamai delivery timeline milestones.

The contractor will embed within the client API Platform Engineering team and work alongside until the client internal resources assume full operational ownership.

2. Project Context

This engagement directly supports enterprise priorities including:

·         Security Transformation

·         Enterprise API governance and resiliency

·         Enterprise AI / LLM enablement

·         Protection of customer-facing SLAs

Key architectural elements:

·         Centralized Apigee Control Plane hosted in Google Cloud Platform with outbound-only connectivity from Hybrid runtimes

·         Apigee Hybrid runtimes deployed on Kubernetes-based container platforms (AKS, GKE/GKS) and on-premises

·         Akamai Noname remote engines deployed alongside Apigee Hybrid for full-lifecycle API visibility and protection

·         Akamai as the authoritative edge platform for routing, DDoS protection, and WAF enforcement — Apigee enforces API-level policy only

·         Integration with enterprise CI/CD pipelines, observability platforms, and SIEM

Critical timeline dependency: Azure environment readiness begins June 1, 2026, with Azure Go-Live targeted for December 1, 2026, followed by on-premises Go-Live on March 2, 2027.

3. Scope of Work / Key Responsibilities

The contractor will be responsible for, but not limited to, the following:

Infrastructure Build & Deployment

·         Provision and administer Kubernetes clusters across AKS, GKE/GKS, and on-premises platforms

·         Deploy Apigee Hybrid runtime components (Message Processor, Synchronizer, MART, Cassandra, etc.) on target Kubernetes environments

·         Deploy Akamai Noname remote engines and connectors on AKS, GKS, and on-premises environments

·         Establish and validate secure, outbound-only control plane connectivity from Hybrid runtimes to the centralized Google Cloud Platform Control Plane

·         Configure Azure networking (VNets, NSGs, Private Link) and Google Cloud Platform networking to support multi-cloud traffic flows

·         Author and maintain Terraform / Infrastructure as Code (IaC) modules for repeatable, auditable deployments across all target environments

Integration & Observability

·         Integrate Apigee Hybrid and Akamai telemetry with enterprise observability platforms

·         Integrate security event data with enterprise SIEM platforms

·         Implement asynchronous, non-blocking telemetry patterns to avoid performance impact on runtime traffic

·         Support integration with enterprise CI/CD pipelines for infrastructure and configuration changes

Operational Support & Stabilization

·         Support production readiness reviews, stabilization, and go-live activities aligned to Akamai milestone dependencies

·         Participate in incident response, runtime upgrades, and capacity management during transitional operations

·         Monitor and maintain multi-cloud infrastructure health across Google Cloud Platform, Azure, and on-premises

Knowledge Transfer & Documentation

·         Produce comprehensive technical documentation: runbooks, SOPs, architecture diagrams, and points-of-contact references

·         Participate in on-call and joint operational support during transition

Governance & Collaboration

·         Navigate Mayo Clinic governance, change management, and approval processes for infrastructure changes

·         Collaborate with the external Apigee Hybrid implementation partner during joint delivery activities

·         Coordinate with Akamai implementation teams to ensure infrastructure readiness gates are met on schedule

4. Required Technical Skills

Kubernetes & Container Orchestration

·         3+ years hands-on experience administering Kubernetes clusters (AKS required; GKE/GKS and on-premises Kubernetes strongly preferred)

·         Experience with node pool management, namespace isolation, resource quotas, RBAC, and cluster upgrades

·         Familiarity with Helm charts, Kubernetes operators, and custom resource definitions (CRDs) used in platform-level product deployments

Multi-Cloud Infrastructure (Google Cloud Platform & Azure)

·         Hands-on experience administering Google Cloud Platform environments (Cloud SQL, BigQuery, IAM, networking)

·         Hands-on experience administering Azure cloud environments — specifically Azure Kubernetes Service (AKS), Azure networking (VNets, NSGs, Private Link), and Azure IAM/RBAC

·         Multi-cloud infrastructure experience — ability to manage parallel environments across Google Cloud Platform and Azure with consistent IaC patterns and governance

Infrastructure as Code & CI/CD

·         Proficiency with Terraform or equivalent IaC tooling for multi-cloud deployments

·         Experience with CI/CD pipelines for infrastructure changes (e.g., Azure DevOps, GitHub Actions, Jenkins, Cloud Build)

API Gateway & Edge Platforms

·         Experience with or exposure to Apigee Hybrid architecture — understanding of the split between centralized control plane (Google Cloud Platform-hosted) and customer-managed Hybrid runtimes

·         Understanding of outbound-only control plane connectivity models and the networking requirements to support them

·         Experience with or understanding of edge platform integration (Akamai preferred; Cloudflare or similar acceptable) — specifically edge routing, DDoS protection, and WAF enforcement

·         Familiarity with Akamai connector/remote engine deployment models and how edge security layers interact with downstream API gateways

·         Understanding of traffic flow architecture where edge platforms are authoritative entry points and API gateways enforce policy only

Observability, Telemetry & Security

·         Experience integrating infrastructure and application telemetry with enterprise observability platforms

·         Experience integrating with SIEM platforms for security event correlation

·         Understanding of asynchronous, non-blocking telemetry patterns

·         Understanding of security fundamentals, access provisioning, and Zero-Trust security principles

5. Required Soft Skills / Other Competencies

·         Enables others: Navigates complex access processes and clears paths for the team

·         Self-directed problem solving: Identifies the right contacts and required approvals; does not wait for instructions

·         Milestone-driven delivery mindset: Comfortable working within tight, dependency-driven timelines where infrastructure readiness gates downstream partner deliverables

·         Cross-environment operational awareness: Ability to manage and troubleshoot infrastructure spanning cloud (Google Cloud Platform, Azure) and on-premises environments simultaneously

·         Platform exploration: Stays current on Google Cloud Platform/Azure evolution; evaluates new services and capabilities

·         Automation mindset: Seeks to reduce manual configuration and approval friction

·         Proactively identifies bottlenecks in environment setup and proposes solutions

·         Produces technical documentation (runbooks, procedures, points of contact) for completed infrastructure

·         Brings awareness of new platform capabilities that could accelerate delivery

·         Takes initiative to streamline repetitive access/provisioning tasks

·         Edge-to-gateway security architecture awareness: Understands that security enforcement is layered — edge handles routing/DDoS/WAF while the API gateway handles API-level policy — and can configure infrastructure to support this separation

·         Partner engagement skills: Able to work effectively alongside an external implementation partner, including joint troubleshooting, shared environments, and coordinated change management

·         Knowledge transfer readiness: Willingness and ability to participate in a shadow → lead → own model as both learner and teacher

·         Ability to clearly document and explain proposed changes to navigate governance and approval processes

6. Preferred / Nice-to-Have Skills

·         Prior experience working in healthcare or similarly regulated environments (HIPAA, SOC 2)

·         Google Cloud Professional Cloud Architect or Professional Cloud DevOps Engineer certification

·         Microsoft Azure AZ-104 (Azure Administrator) or AZ-305 (Azure Solutions Architect) certification

·         Certified Kubernetes Administrator (CKA) or Certified Kubernetes Application Developer (CKAD)

·         Experience with Apigee Hybrid installation, configuration, and operations

·         Experience deploying or managing Akamai Noname (API security) remote engines

·         Familiarity with GitOps patterns (ArgoCD, Flux) for Kubernetes-based deployments

·         Experience with Anthos, Rancher, or OpenShift for on-premises Kubernetes

7. Work Arrangement & Logistics

8. Evaluation Criteria

Candidate submissions will be evaluated on the following weighted criteria:

 9. Submission Instructions

Vendors should submit the following:

·         Candidate resume highlighting relevant Kubernetes, multi-cloud, and API gateway experience

·         Brief candidate summary (1 page max) mapping experience to the required technical skills listed above

·         Proposed hourly rate and availability / earliest start date

·         References from comparable engagements (healthcare or large enterprise preferred)