About the CompanyOur Mission: Bluedrop was founded in Galway in 2015 with a very specific and critical mission: to predict and prevent one of the most devastating complications of diabetes, the diabetic foot ulcer, or DFU.The Problem We're Solving: To give you a sense of the scale, there are 60 million people with diabetes in Europe alone. DFUs are the leading cause of non-traumatic amputation globally. It's a life-altering condition—healing can take over a year, is associated with high rates of depression, and even after healing, there's a 70% chance of getting another ulcer within 5 years.Our Solution: We've developed a home-based monitoring system that looks just like a high-end bathroom scale. In a 30-second daily scan, it captures both thermal and photographic data from the patient's feet and sends it to the cloud.About the RoleYou'll design, secure, and monitor our GCP-based infrastructure (GKE, Terraform, BigQuery, Pub/Sub, Cloud Storage, Cloud Functions for AI) and CI/CD pipelines (GitLab). You will also manage and audit user access across cloud and application environments to ensure full compliance with HIPAA/FDA requirements.ResponsibilitiesInfrastructure as Code (Terraform): Define secure GCP resources (projects, VPC, GKE, IAM, Cloud SQL, Pub/Sub, Artifact Registry, Secret Manager) with auditable change control.Kubernetes (GKE): Operate hardened clusters (RBAC, PodSecurity, network policies, private clusters), manage deployments/rollouts, and troubleshoot workloads.Cloud Functions (AI workloads): Automate deployment and monitoring of our AI cloud functions (Python-based inference & data processing), integrate with Pub/Sub, BigQuery, and downstream systems.CI/CD (GitLab): Build pipelines with security gates (image scanning, SBOM, SAST/DAST, provenance/signing), environment promotions, and controlled releases.Security & Compliance:Enforce HIPAA-like / FDA 21 CFR Part 11 controls (audit logs, least-privilege IAM, secret rotation).Manage vulnerability scanning (containers, Terraform, dependencies).Implement encryption in transit/at rest, key management (Cloud KMS).Manage and audit user access:Provision and de-provision user/service accounts.Enforce least-privilege IAM roles and Kubernetes RBAC.Ensure all access requests/changes are logged and auditable.Support periodic access reviews and compliance reporting.Monitoring & Observability: Deploy Prometheus + Grafana for metrics, dashboards, and alerts. Integrate with Google Cloud Monitoring/Logging for audit logs, structured logs, and long-term retention. Define SLIs/SLOs for core services and AI functions; drive error budgets.Data Platform Enablement: Secure BigQuery with row-level security, enforce dataset IAM, and provide audit-friendly access patterns.Incident Response & Reliability: Own runbooks, on-call rotations, and post-mortems; design backup/restore, DR testing, and HA strategies.Cost & Performance Optimization: GKE autoscaling, BigQuery slot management, Cloud Functions scaling, and dashboards for spend visibility.Qualifications4+ years as DevOps/Platform/SRE in GCP production environments.Strong Terraform and Kubernetes (GKE) experience.Hands-on with deploying and managing Cloud Functions (Python).Experience managing IAM accounts, groups, and audit logs in GCP and Kubernetes.Familiarity with regulated/high-security environments (HIPAA, SOC2, ISO Experience with Prometheus/Grafana/Loki/Alloy/Elastic Stack and Cloud Monitoring.Strong GitLab CI/CD skills (multi-stage pipelines, scans, artifact signing, secure releases).Comfortable scripting/automating in Python.Preferred SkillsBigQuery operations (IAM, slot reservations, audit tables).Security certifications (CISSP, GCP Professional Cloud Security Engineer).Equal Opportunity StatementWe are committed to diversity and inclusivity.