Cloud Developer

Mastronardi Produce pioneered the commercial greenhouse industry in North America, and we’re now the leading greenhouse vegetable company on the continent. Our award-winning, flavorful produce is packed under the SUNSET® brand and is available at leading grocery retailers across North America. Family owned for over 65 years, we pride ourselves on having the most flavorful products and the best people in the industry. We are constantly pushing boundaries to be a leader in fresh produce innovation. We seek individuals that demonstrate our PRIDE values (Passion, Respect, Innovation, Drive, Excellence) to help us fulfill our mission to inspire healthy living through WOW flavor experiences. Our Kingsville Head Office Location is currently seeking Cloud Developer to join our Information Technology team! The Cloud Developer plays a critical role in designing, developing, and deploying cloud-based solutions for the organization. This role requires strong technical expertise in cloud platforms, programming languages, and infrastructure-as-code (IaC) practices. The Cloud Developer collaborates with cross-functional teams to build scalable, secure, and efficient cloud applications and services, aligning them with business goals and strategies. Values: To perform the job successfully, the incumbent’s behavior must be consistent with the PRIDE values expected of all Mastronardi Produce employees: be Passionate; have Respect; be Innovative; be Driven and strive for Excellence. Primary Responsibilities: Design and architect enterprise-scale solutions on Microsoft Azure (primary) with multi-cloud readiness (AWS/GCP) Develop cloud-native applications using Azure Functions, App Services, AKS, and serverless architectures Build data pipelines with Azure Data Factory, Synapse Analytics, and Azure Databricks Design and implement Azure Landing Zones following Cloud Adoption Framework (CAF) principles for scalable, secure foundation Implement Infrastructure as Code using Terraform, ARM templates, or Bicep Design and maintain CI/CD pipelines in Azure DevOps and GitHub Actions Design secure network architectures including VNets, subnets, NSGs, VNet peering, VPN Gateway, and ExpressRoute Architect hybrid cloud connectivity between on-premises infrastructure and Azure using ExpressRoute, Site-to-Site VPN, Azure Virtual WAN, and Azure Arc Implement network security controls using Azure Firewall, WAF, Private Link, Private Endpoints, and Service Endpoints Configure hub-and-spoke network topology with centralized connectivity and security management Optimize cloud performance, cost, and security across all environments Implement comprehensive monitoring using Azure Monitor, Application Insights, and Log Analytics Ensure security compliance with Zero Trust architecture, Azure AD, Key Vault, and governance policies Implement DDoS protection, traffic encryption (TLS/SSL), network traffic inspection, and Azure Bastion for secure VM access Design and implement Azure Policy, Blueprints, and Management Groups for enterprise governance Lead cloud migration strategies and modernization initiatives Mentor development teams on cloud best practices and architecture patterns Qualifications, Education & Experience: Master's/Bachelor's/College degree in Computer Science or related field 10 years software development experience 4 years hands-on Microsoft Azure experience 4 years designing enterprise-scale cloud architectures Azure Expertise (Core): Expert-level: Azure Functions, App Services, AKS, Azure SQL, Cosmos DB Advanced: Azure Data Factory, Synapse Analytics, Event Hubs, Service Bus, API Management Landing Zones & Governance: Azure Landing Zone implementation, Cloud Adoption Framework (CAF), Enterprise-Scale Architecture, Management Groups, Azure Policy, Azure Blueprints, Resource Tagging Strategies Hybrid Connectivity: ExpressRoute (Private/Microsoft Peering), Site-to-Site VPN, Point-to-Site VPN, Azure Virtual WAN, VPN Gateway (Active-Active/Active-Passive), Azure Route Server, Azure Arc, Azure Stack Hub/HCI Networking & Security: Virtual Networks (VNets), Subnets, Network Security Groups (NSGs), Application Security Groups (ASGs), VNet Peering (regional/global), Azure Firewall, WAF, Azure Front Door, Application Gateway, Private Link, Private Endpoints, Service Endpoints, Azure Bastion, Azure DDoS Protection, Hub-and-Spoke Topology Security & Identity: Azure AD, Azure AD B2C, Azure AD Connect (for hybrid identity), Key Vault, Security Center/Defender for Cloud, RBAC, Managed Identities, Conditional Access, Privileged Identity Management (PIM), Microsoft Sentinel Technical Skills: Programming: Expert in C#/.NET (8/9/10), Python, or Java; proficient in PowerShell, SQL/NoSQL IaC & DevOps: Terraform (with Azure Landing Zone modules), ARM/Bicep, Azure DevOps, GitHub Actions, CI/CD pipelines Containers: Docker, Kubernetes (AKS), Helm, container registries Data: Azure SQL, Cosmos DB, data lake architectures, ETL/ELT design Monitoring: Azure Monitor, Application Insights, Log Analytics, Network Watcher, Azure Service Health, distributed tracing APIs: RESTful design, GraphQL, API Management, OAuth2/JWT Network Security: Route tables, User-Defined Routes (UDR), Azure Firewall policies, traffic filtering, network segmentation, forced tunneling, Border Gateway Protocol (BGP), DNS integration (Azure DNS, Private DNS zones) Preferred Qualifications: Certifications: Azure Solutions Architect Expert (AZ-305), Azure Developer (AZ-204), DevOps Engineer (AZ-400), Azure Security Engineer (AZ-500), Azure Network Engineer (AZ-700), CKA/CKAD, Terraform Associate Multi-cloud experience (AWS: VPC, Direct Connect, Transit Gateway, Security Groups; GCP: VPC, Cloud Interconnect) Advanced networking: BGP routing, MPLS connectivity, SD-WAN integration, DNS management, load balancing strategies, traffic management, QoS configuration Hybrid cloud expertise: Active Directory integration (Azure AD Connect), on-premises to cloud migration patterns, Azure Migrate, Azure Site Recovery, hybrid identity solutions Security expertise: Zero Trust Network Access (ZTNA), micro segmentation, threat modeling, penetration testing, security incident response IoT platforms (Azure IoT Hub), ML/AI services (Azure ML) Experience in agriculture, supply chain, or food industry systems Event-driven architectures, Kafka, Apache Spark Security certifications (CISSP, CEH, CompTIA Security) Compliance frameworks: SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS implementation experience Azure Well-Architected Framework expertise across all five pillars (Reliability, Security, Cost Optimization, Operational Excellence, Performance Efficiency) Key Competencies: Cloud-native architecture patterns and microservices design Azure Landing Zone design and implementation with proper subscription structure, management hierarchy, and governance Enterprise network architecture design with hub-and-spoke topology, DMZ implementation, network segmentation, and transit connectivity Hybrid cloud architecture connecting on-premises data centers with Azure using ExpressRoute, VPN, and Virtual WAN Advanced security implementations: encryption in-transit and at-rest, certificate management, security baselines, threat protection High availability/disaster recovery (HA/DR) implementation with multi-region failover Performance optimization and cost management (FinOps) Network troubleshooting using Network Watcher, Connection Monitor, traffic analytics, packet capture, and flow logs Identity and access management including hybrid identity scenarios with Azure AD Connect Strong problem-solving and analytical thinking Excellent communication skills with technical and business stakeholders Agile/Scrum methodologies Working Conditions: Typical office environment. On-call and after-hours availability 24X7 to resolve technical incidents required. May be required to work nights and weekends during un-planned outages and other special circumstances Please note : Mastronardi Produce has accommodation processes and policies in place and provides accommodation for employees with disabilities. If you require a specific accommodation because of a disability or documented medical need, please contact the Human Resource office so that arrangements can be made for the appropriate accommodation to be put into place before you begin your employment Equal Opportunity Employer This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

Location: Kingsville, Ontario, CA

Posted Date: 11/6/2025