Cloud GCP - Senior Engineer

Job Description

KEY RESPONSIBILITIES

•    Design, implement, and maintain CI/CD pipelines for containerized applications targeting GKE on-prem (Google Distributed Cloud) clusters using Jenkins, GitLab CI, GitHub Actions.
•    Own the full Kubernetes workload deployment lifecycle — Helm chart authoring, release management, rollout strategies (rolling/blue-green/canary), and rollback procedures.
•    Implement and manage GitOps workflows using ArgoCD/TeamCity for declarative, version-controlled application delivery.
•    Configure and manage CNI networking (Calico, Cilium, or Flannel) and define pod-level network policies for workload isolation.
•    Manage ingress controllers ( HAProxy, NGINX Ingress) for service exposure.
•    Manage and maintain private container registries (Harbor, Nexus, or JFrog) including image vulnerability scanning and lifecycle policies.
•    Implement Kubernetes RBAC, namespace governance, Pod Security Standards, and audit logging for compliance and multi-tenancy.
•    Deploy and operate observability stacks — Prometheus, Grafana, Alertmanager, ELK/EFK — and define SLI/SLO-based alerting.
•    Integrate static code analysis, container image scanning, and policy checks into CI/CD pipelines as part of DevSecOps practices.
•    Perform etcd backups, cluster disaster recovery drills, and Kubernetes version upgrade planning.
•    Troubleshoot CI/CD pipeline failures, pod scheduling issues and network connectivity problems.
•    Collaborate with development teams on application containerization, resource sizing, liveness/readiness probe design, and deployment best practices.
•    Author and maintain runbooks, architecture diagrams, pipeline documentation, and post-incident reviews.
•    Implement centralized secrets management using HashiCorp Vault or Kubernetes External Secrets Operator — integrate with CI/CD pipelines and workload deployments to eliminate hardcoded credentials, enforce secrets rotation policies, and audit secrets access across environments.

MANDATORY EXPERIENCE REQUIREMENTS

•    6-8 years of overall DevOps engineering experience, with 3+ years on GKE on-prem (Google Distributed Cloud) or Anthos environments.
•    Proven experience building and owning end-to-end CI/CD pipelines for containerized microservices.
•    Strong Helm chart authoring experience — not just consuming charts but writing and maintaining them.
•    Hands-on GitOps experience with ArgoCD or TeamCity in a production environment.
•    Solid understanding of GKE on-prem networking — ingress, services, network policies, DNS, and Anthos Service Mesh (ASM) integration.
•    Experience with container image security scanning integrated into CI pipelines.
•    Strong Linux system administration skills (RHEL/Ubuntu) — mandatory.
•    Demonstrated ability to troubleshoot complex pipeline failures and Kubernetes workload issues in production.

PREFERRED QUALIFICATIONS

•    Hands-on experience with GKE on-prem (Google Distributed Cloud) or Anthos deployments on VMware vSphere or bare metal infrastructure.
•    Service mesh experience with Istio or Linkerd — traffic management, mTLS, observability.
•    Exposure to policy-as-code frameworks: OPA/Gatekeeper or Kyverno.
•    Experience implementing SLI/SLO frameworks and error budget tracking.
•    Familiarity with secrets management tools: HashiCorp Vault or Kubernetes External Secrets Operator.
•    Familiarity with Google Cloud tooling (GCP Console, Cloud Logging, Cloud Monitoring) as used in conjunction with GKE on-prem hybrid architectures.
•    Experience with platform engineering concepts: Internal Developer Platforms (IDP).

Mandatory Competencies