Cloud GCP - Senior Engineer

Job Description

Key Responsibilities
. Provision and configure GKE On Prem clusters, including node pool design and cluster version alignment as defined by platform standards.
. Deploy and manage microservices containerized workloads - Deployments, StatefulSets, DaemonSets, Services, ConfigMaps, and Secrets.
. Author and maintain Helm charts for application packaging and environment-based configuration.
. Configure Kubernetes networking - ingress controllers, services, DNS, and basic network policies.
. Manage persistent storage for GKE On Prem workloads using on premises storage integrated via Kubernetes CSI drivers, supporting block and shared file storage for stateful applications.
. Design, deploy, and manage Google Kubernetes Engine (GKE) clusters on Google Cloud using both Standard and Autopilot deployment models.
. Support application migration and onboarding to GKE On Prem environments, including containerization, Helm based packaging, access configuration, connectivity validation, and deployment to Anthos managed clusters.
. Implement RBAC policies and namespace configurations for workload isolation and access control.
. Perform routine cluster health checks - node status, resource utilization, pod scheduling, and etcd backup verification.
. Write and maintain runbooks, deployment guides, and cluster documentation.
. Work closely with senior engineers, taking guidance on architecture decisions while owning execution independently.
. Configure and manage autoscaling mechanisms - implement Horizontal Pod Autoscaler (HPA) based on CPU and memory metrics, Vertical Pod Autoscaler (VPA) for resource right-sizing, and Cluster Autoscaler for dynamic node scaling based on workload demand.
. Apply and enforce Pod Security Standards (PSS) and Pod Security Admission (PSA) controls - configure restricted, baseline, and privileged policies per namespace to prevent privilege escalation, host path mounts, and insecure container configurations.
. Integrate Identity Provider (IdP) systems with Kubernetes for centralized authentication and SSO - configure OIDC-based authentication using Azure IDP or Okta, and set up LDAP / Active Directory integration for user and group mapping to Kubernetes RBAC roles and namespace-level permissions.

Required Experience
. 5 years of total experience in Systems Engineering, Cloud Infrastructure, or DevOps Engineering roles.
. 3+ years of hands-on GKE experience - cluster provisioning, node pool management, Helm, Workload Identity, and workload deployment on Google Cloud.
. Solid Linux system administration skills - familiarity with GCP Compute OS, Container-Optimized OS, and standard Ubuntu/RHEL environments.
. Working knowledge of container fundamentals - Docker or Podman build, run, and push workflows.
. Genuine hands-on experience: candidates must be able to demonstrate K8s and Linux tasks in a technical screening.
. Ability to work independently on assigned tasks with guidance from senior engineers on design decisions.
Good to Have
. Experience with service mesh: Istio or Linkerd
. Deeper GCP experience beyond GKE: VPC networking, Cloud Armor, IAM, Cloud Logging, Cloud Monitoring, and Artifact Registry
. Knowledge of Terraform or Ansible for infrastructure provisioning
. Experience with container security scanning tools .
. Prior involvement in Greenfield infrastructure build-outs

Mandatory Competencies