Cloud GCP - Senior Engineer

Job Description

KEY RESPONSIBILITIES

. Design, implement, and maintain CI/CD pipelines for containerized applications targeting GKE on-prem (Google Distributed Cloud) clusters using Jenkins, GitLab CI, GitHub Actions.
. Own the full Kubernetes workload deployment lifecycle - Helm chart authoring, release management, rollout strategies (rolling/blue-green/canary), and rollback procedures.
. Implement and manage GitOps workflows using ArgoCD/TeamCity for declarative, version-controlled application delivery.
. Configure and manage CNI networking (Calico, Cilium, or Flannel) and define pod-level network policies for workload isolation.
. Manage ingress controllers ( HAProxy, NGINX Ingress) for service exposure.
. Manage and maintain private container registries (Harbor, Nexus, or JFrog) including image vulnerability scanning and lifecycle policies.
. Implement Kubernetes RBAC, namespace governance, Pod Security Standards, and audit logging for compliance and multi-tenancy.
. Deploy and operate observability stacks - Prometheus, Grafana, Alertmanager, ELK/EFK - and define SLI/SLO-based alerting.
. Integrate static code analysis, container image scanning, and policy checks into CI/CD pipelines as part of DevSecOps practices.
. Perform etcd backups, cluster disaster recovery drills, and Kubernetes version upgrade planning.
. Troubleshoot CI/CD pipeline failures, pod scheduling issues and network connectivity problems.
. Collaborate with development teams on application containerization, resource sizing, liveness/readiness probe design, and deployment best practices.
. Author and maintain runbooks, architecture diagrams, pipeline documentation, and post-incident reviews.
. Implement centralized secrets management using HashiCorp Vault or Kubernetes External Secrets Operator - integrate with CI/CD pipelines and workload deployments to eliminate hardcoded credentials, enforce secrets rotation policies, and audit secrets access across environments.

MANDATORY EXPERIENCE REQUIREMENTS

. 6-8 years of overall DevOps engineering experience, with 3+ years on GKE on-prem (Google Distributed Cloud) or Anthos environments.
. Proven experience building and owning end-to-end CI/CD pipelines for containerized microservices.
. Strong Helm chart authoring experience - not just consuming charts but writing and maintaining them.
. Hands-on GitOps experience with ArgoCD or TeamCity in a production environment.
. Solid understanding of GKE on-prem networking - ingress, services, network policies, DNS, and Anthos Service Mesh (ASM) integration.
. Experience with container image security scanning integrated into CI pipelines.
. Strong Linux system administration skills (RHEL/Ubuntu) - mandatory.
. Demonstrated ability to troubleshoot complex pipeline failures and Kubernetes workload issues in production.

PREFERRED QUALIFICATIONS

. Hands-on experience with GKE on-prem (Google Distributed Cloud) or Anthos deployments on VMware vSphere or bare metal infrastructure.
. Service mesh experience with Istio or Linkerd - traffic management, mTLS, observability.
. Exposure to policy-as-code frameworks: OPA/Gatekeeper or Kyverno.
. Experience implementing SLI/SLO frameworks and error budget tracking.
. Familiarity with secrets management tools: HashiCorp Vault or Kubernetes External Secrets Operator.
. Familiarity with Google Cloud tooling (GCP Console, Cloud Logging, Cloud Monitoring) as used in conjunction with GKE on-prem hybrid architectures.
. Experience with platform engineering concepts: Internal Developer Platforms (IDP).

Mandatory Competencies