Equiti is a pioneering fintech firm and world-class provider of multi-asset fintech products - from liquidity solutions to in-house tech hubs to online trading platforms. With over 400 global specialists in 9 languages, Equiti provides clients with access to individual, professional, and institutional brokerage services in Europe, the Middle East, and Africa.
At Equiti, we believe that financial opportunities can unlock potential for everyone, everywhere. We're on a mission to deliver accessible online trading products around the world through education and accessibility.
Think finance is stuffy Think again.
We see Equiti as a new breed of broker, and we are on the lookout for talented individuals who can perform and excel in a dynamic and innovative working environment. Our Engineering Platforms department would like to welcome a detail-oriented
Senior Infrastructure Engineer in our office in Bangalore, India
Responsibilities
GCP Architecture & Operations
- Design, build, and operate production-grade environments on GCP (projects, folders, org policies).
- Standardize Cloud Run service patterns (revisions, concurrency, autoscaling, min/max instances, VPC access).
- Implement Cloud Build pipelines (triggers, build steps, artifacts, promotions), and manage secrets (Secret Manager).
Networking (Deep)
- Plan and manage VPCs, subnets, firewall rules, routes, shared VPC, Private Google Access.
- Configure Cloud NAT, Cloud Router, VPC Peering / Network Connectivity Center, Private Service Connect.
- DNS design & operations with Cloud DNS (zones, split-horizon, forwarding, policy, health checks).
Load Balancing & Proxies
- Architect and operate External/Internal HTTP(S), TCP/UDP (Network), and Proxy load balancers.
- URL maps, host/path routing, backend services, NEG types (serverless NEGs for Cloud Run), health checks, session affinity.
- TLS termination/offload, Google-managed certificates, mTLS where applicable.
Security & Compliance
- Strong IAM hygiene (least privilege, service accounts, workload identity federation).
- Network controls (hierarchical firewall policies, perimeter designs, VPC-SC where needed).
- Ensure infrastructure designs and configurations support PCI DSS controls related to:
- Network segmentation between cardholder data environments (CDE) and nonCDE systems.
- Firewall and VPC rules: restrict inbound/outbound traffic, maintain deny-bydefault posture.
- Encryption standards: enforce TLS 1.2+ for data in transit and AES-256 or Google-managed CMEK for data at rest.
- Access management: implement least-privilege IAM, service-account separation, and MFA on administrative accounts.
- Change management: follow approved processes for infrastructure and DNS/network modifications.
- Vulnerability management: ensure patching cadence and vulnerability scans across compute and containerized workloads.
- Audit logging and monitoring: maintain Cloud Audit Logs, VPC Flow Logs, and GCS access logs with immutable retention and alerting.
Reliability, DR & HA
- Multi-zone/region strategies, RTO/RPO definitions and testing.
- Backups & restore runbooks (Cloud SQL, GCS, Firestore), traffic failover patterns, dependency maps.
Observability & Cost Management
- Logging/metrics/tracing with Cloud Monitoring & Cloud Logging; SLO/SLA/SI targets.
- Cost visibility: labels/tagging standards, budgets & alerts, committed use discounts, rightsizing.
Platform & Containers
- Container build hardening (distroless/base image strategy), SBOMs, vulnerability scanning.
- Runtime policies, connection management (DB proxies, private endpoints), perf tuning of Cloud Run (cold start, CPU always on).
Enablement & Collaboration
- Write concise runbooks, diagrams, and architecture docs.
- Mentor junior engineers; provide client-first support mindset and pragmatic guidance.
Experience Requirements
- 46 years in cloud infrastructure/SRE with at least 3 years on GCP.
- Hands-on with Cloud Run, Cloud Build, Cloud DNS, Cloud NAT/Router, LBs, Secret Manager, KMS.
- Strong networking fundamentals (TCP/IP, BGP basics, CIDR, NAT, proxies, DNS).
- Proven track on cost management, monitoring/alerting, and production incident handling.
- Solid grasp of DR/HA, RTO/RPO, backup/restore, and traffic failover.
- SSL/TLS: cert lifecycle, ciphers, HSTS basics; Google-managed certs on LBs.
- Scripting/infra-as-code (Terraform preferred); Git-based workflows.
Perks
Each of our offices has its special perks; be it no ties, free lunches, charity events, or a hybrid work policy but whenever you walk into an Equiti office, you're sure to see a friendly face. We encourage international collaborations and always keep our eyes open to how we can do more.
The benefits you can expect at your Equiti workplace include:
- Competitive salary package
- Performance-based bonus
- Medical insurance coverage for employees and family members
- Smart working options
- Employee wellness initiatives
- Personalized career development
- Company lunch in the office
- Regular company events
With energy, drive, and imagination, there's no limit to where your career can go at Equiti. With a diverse workforce and geographical spread of offices, we strongly support career development initiatives as well as provide a range of opportunities for professional and life experiences.
Equiti is an equal opportunity employer.
Equiti refers to a group of companies consisting of seven regulated financial services companies licensed to operate in the respective jurisdictions of their incorporation, in addition to our tech and marketing hubs. Equiti has presence in Africa, Europe, and the Middle East.
