Senior GCP Architect – Cloud Engineer

Job Description:

• Lead the architecture and implementation of GCP Entitlement and Access Control systems, including IAM policies, service account governance, and least-privilege access models
• Design and deliver a self-serve Landing Zone framework that enables Platform Engineering teams to provision and manage cloud environments consistently and at scale
• Co-lead delivery of a Platform Ops Portal, covering management functions such as environment provisioning, access requests, cost visibility, and operational workflows
• Partner with client engineering and security teams to align the access control model with regulatory and compliance requirements in a financial services context
• Define and enforce GCP governance guardrails, including organization policies, resource hierarchy design, and VPC Service Controls
• Drive technical review, identify gaps, and shape the delivery approach before the project kicks off
• Enable internal teams through documentation, runbooks, and knowledge transfer that outlast the engagement

Requirements:

• 7+ years in cloud engineering or architecture, with at least 4 years hands-on with GCP in a lead or architect capacity
• Deep expertise in GCP IAM, including workload identity, service account management, custom roles, and policy inheritance
• Proven experience designing Landing Zones or platform engineering frameworks on GCP (Cloud Foundation Toolkit, blueprints, or equivalent)
• Experience building or contributing to internal developer portals or Platform Ops tooling (Backstage, custom portals, or similar)
• Strong command of Infrastructure-as-Code, primarily Terraform on GCP
• Ability to engage directly with client stakeholders and translate technical architecture decisions into clear recommendations
• Nice to Have: Experience with GCP Security Command Center, Chronicle, or Access Transparency
• Familiarity with GCP Assured Workloads or sovereign cloud configurations for regulated industries
• Background in multi-cloud environments where GCP is the primary landing zone
• Google Cloud Professional certifications (Cloud Architect, Security Engineer, or equivalent)

Benefits:

• Employees can work remotely

Apply tot his job Apply To this Job