Job Description

Job Title:

Cloud Engineer

About the Role:

We’re looking for a hands-on Cloud Engineer to take ownership of our Google Cloud Platform (GCP) environment, focusing on Infrastructure and Data security, scalability, and governance. This role will be instrumental in establishing a strong foundation for our data and platform teams by designing secure cloud infrastructure, implementing VPC Service Controls (VPC-SC), and improving IAM and network policies across our environment.

This is a high-impact role with end-to-end ownership, ideal for someone who thrives on building secure, scalable systems from the ground up.

Key Responsibilities:

• Architect and implement secure GCP environments, including org/folder/project structure, VPCs, subnets, and peering.
• Collaborate with data engineering and analytics teams to support data quality, lineage, and observability initiatives, including access design for BigQuery, GCS, and Vertex AI.
• Implement and support tools and policies that enable secure, governed access to sensitive datasets while maintaining usability for analytics and ML workloads.
• Design, deploy, and manage VPC Service Controls (VPC-SC) to enforce service-level data boundaries.
• Define and manage IAM policies, custom roles, and org-level policy constraints (e.g., allowed APIs, location restrictions).
• Build and maintain infrastructure-as-code (IaC) using Terraform for GCP resources and security controls.
• Collaborate with data and platform teams to ensure infrastructure enables secure data access and compliance.
• Implement audit logging, encryption, and access transparency best practices.
• Contribute to initial CI/CD bootstrapping (Cloud Build, GitHub Actions) and secrets management where applicable.
• Monitor cloud infrastructure for cost, security, and performance, and recommend optimizations.

Must-Have Qualifications:

• 6+ years of experience in cloud infrastructure, with 3+ years on GCP
• Proven expertise with VPC Service Controls (VPC-SC) and service perimeter design
• Strong understanding of IAM design, including access levels, conditional IAM, and org policies
• Proficiency in Terraform, including module development and environmental promotion
• Solid understanding of networking concepts: VPCs, private access, firewall rules, inter-project communication
• Experience with security and compliance best practices in cloud environments (e.g., encryption, audit logs, CIS benchmarks)

Nice-to-Have Skills:

• Exposure to CI/CD pipelines (Cloud Build, GitHub Actions etc.)
• Familiarity with GKE, Cloud Run, or other containerized workloads
• Understanding of data platform needs (e.g., BigQuery access models, cross-project access)
• Experience with monitoring/logging stacks (Cloud Monitoring, Prometheus, etc.)

Soft Skills:

• Strong communication skills and ability to work cross-functionally with security, data, and engineering teams
• A security-first mindset with a pragmatic approach to risk management
• Bias toward automation and reproducibility

Job Tags

Similar Jobs