Cloud Migration Specialist (GCP to Azure)

Cloud Migration Specialist (GCP to Azure) (Contract Role)

Dallas, TX/ Tampa, FL/ Jersey City, NJ (onsite)

TCS

JD-

Cloud Migration Specialist (GCP to Azure)Cloud Migration SpecialistLeads the transition of workloads from GCP to Azure, including infrastructure-as-code and observability toolingObjectivesDesign and deploy a production-ready Azure Landing Zone across multiple regions.Automate subscription provisioning, resource deployment, and policy enforcement.Integrate DevSecOps, observability, and identity governance into the cloud platform.Migrate and modernize workloads such as LedgerScan from GCP to Azure.Ensure compliance with DTCCs internal controls and regulatory standards.Scope of WorkA. Organization Structure GovernanceDefine and implement a management group hierarchy (Options AC evaluated).Standardize naming conventions and tagging strategies.Automate subscription vending using Terraform and ServiceNow integration.Enforce Azure Policies via Infrastructure as Code (IaC).B. NetworkingDeploy a dual-region Azure Virtual WAN (vWAN) hub-and-spoke architecture.Implement Cloud NGFW (Palo Alto) and Azure Firewall Premium.Design DNS resolution using Infoblox andor Azure DNS Private Resolver.Enable hybrid connectivity via ExpressRoute, Site-to-Site VPN, and SD-WAN.C. Security IdentityImplement Privileged Identity Management (PIM) and Conditional Access.Automate RBAC assignments and access reviews.Manage secrets using Azure Key Vault with automated rotation.Enforce policy-as-code and integrate with Terraform pipelines.D. DevSecOps ObservabilityStandardize CICD pipelines using GitLab, Terraform Enterprise, and Jenkins.Integrate security tools (tfsec, Checkov, TFLint) into pipelines.Deploy centralized logging via Azure Log Analytics with RBAC and retention policies.Enable monitoring and alerting using Azure Monitor, Sentinel, and Grafana.E. Disaster Recovery High AvailabilityDesign DR strategies (Active-Passive, Hot Standby, Active-Active) based on workload tiers.Implement Azure Site Recovery (ASR) for failover automation.Define Recovery Time Objective (RTO) Recovery Point Objective (RPO) targets and validate through testing.F. Workload MigrationRehost and modernize applications like LedgerScan from GCP to Azure.Assess performance, compliance, and DR requirements for each workload.DTCC Internal (Green)Align migration with DTCCs cloud standardization and security frameworks.4. DeliverablesAzure Landing Zone architecture documentationTerraform modules and CICD pipeline configurationsSubscription vending automation workflowsSecurity and compliance policy setsLogging and monitoring dashboardsDRHA implementation plansMigration playbooks for identified workloads5. Evaluation CriteriaProven experience with Azure Landing Zone deploymentsExpertise in Terraform, GitLab, and Azure DevOpsFamiliarity with financial services compliance and security standardsAbility to deliver automated, scalable, and secure cloud infrastructureReferences from similar enterprise-scale cloud transformation projects4. Azure Services HighlightedThe following Azure services are proposed as direct or functional replacements for existing GCP infrastructure componentsThe following Azure services have been identified as potential key components in the migration from Google Cloud Platform (GCP) to Microsoft Azure. These services are proposed as direct or functional replacements for existing GCP infrastructure componentsAzure App Service and Azure Static Web Apps Proposed replacements for GCP App Engine.Azure API Management As a counterpart to Apigee.Azure Kubernetes Service (AKS) To replace GKE.Azure Key Vault For secrets management, replacing GCP Secret Manager.Azure Service Bus As an alternative to PubSub Lite.Azure Cache for Redis For caching needs.Azure Front Door and Azure Application Gateway For web application firewall and traffic routing.