Cloud Engineer III
Job description
We are seeking a Platform Engineer III to lead the design, engineering, and security of enterprise-scale Google Cloud platforms, with a focus on enabling and protecting AI-enabled workloads. This role is responsible for building the underlying GCP foundation that AI systems depend on, including landing zones, networking, identity, data protection, and controlled access to services such as Vertex AI and Gemini. You will define how these services are securely consumed across the organization, ensuring strong governance, isolation, and compliance. You will help architect and enforce secure connectivity patterns, private access to AI services, API and endpoint protection, data security controls, and policy-driven access models. These standards will be embedded into Terraform-based infrastructure and CI/CD pipelines to ensure consistency and scalability. The focus of this role is to make AI workloads production-ready, auditable, and secure at scale.
- Design and evolve enterprise GCP platforms and landing zones
- Define standards for scalable, resilient, and secure cloud infrastructure
- Own multi-project and multi-cloud architecture, organization hierarchy, and governance models
Secure AI & Cloud Workloads
- Architect security controls protecting AI platforms and services (Gemini, Vertex AI)
- Implement safeguards for:
  - Sensitive data exposure (PII, PCI)
  - API and model endpoint security
  - Identity and access boundaries
- Establish secure patterns for AI consumption (not model development)
- Partner with security teams on AI risk management and compliance
Networking & Connectivity
- Lead architecture for:
  - Shared VPC and private service access
  - Private Service Connect and service isolation
  - Hybrid connectivity (VPN, Interconnect)
- Harden ingress/egress paths for AI and application endpoints
- Enforce network segmentation and zero-trust principles
Infrastructure Automation & CI/CD
- Build and standardize Terraform-based infrastructure
- Drive CI/CD pipelines for infrastructure and platform services
- Implement GitOps workflows and automated policy enforcement
- Enable secure deployment of AI-integrated applications
Governance & Security Engineering
- Implement enterprise security frameworks using:
  - IAM, VPC Service Controls, KMS, DLP
  - Policy enforcement and compliance automation
- Integrate with tools such as Wiz, SIEM, and vulnerability management platforms
- Define best practices for secure external endpoints and API exposure
Leadership & Influence
- Serve as a technical leader and advisor across Cloud, Security, and Engineering teams
- Drive adoption of secure cloud and AI practices
- Mentor engineers on GCP architecture, security, and automation
Requirements
- 8+ years of experience in cloud engineering, platform engineering, or cloud architecture
- Expertise in Google Cloud Platform (GCP)
- Strong experience with:
  - GCP networking (VPCs, Private Service Connect, hybrid connectivity)
  - Landing zone design and governance
  - Cloud security architecture and compliance frameworks
- Hands-on expertise in:
  - Terraform (Infrastructure as Code)
  - CI/CD pipelines (GitLab or similar)
- Experience securing:
  - APIs, external endpoints, and distributed systems
  - Cloud-native and AI-integrated workloads
- Exposure to Vertex AI, Gemini, or AI-enabled platforms (from a platform/security perspective)
- Experience with AI security, model protection, and data governance frameworks
- Familiarity with tools such as Wiz, DLP, SIEM, CSPM
- Multi-cloud experience (AWS preferred)
- GCP certifications (Professional Cloud Architect, Security Engineer)