Experience
9 - 14 yrs
Job Location
Central Remote, Remote
Vacancy
1
Designation
Cloud Security Engineer
Job Type
ONSITE
Job Description
About the Role: We are seeking a Staff Engineer - Cloud Infrastructure Security to act as a technical architect and leader across HighLevel s cloud platform.
This role is a senior individual contributor position responsible for designing and evolving secure, scalable, and resilient infrastructure on GCP, with deep ownership across Kubernetes, networking, IAM, and edge security (Cloudflare).
You will work closely with Platform Engineering, SRE, and Cyber Security teams to ensure infrastructure is secure by design, highly available, and aligned with modern best practices, while enabling teams to move fast safely.
Responsibilities:
- Cloud Infrastructure Architecture (GCP):
- Design and evolve GCP-based infrastructure architecture for scalability, resilience, and security.
- Define standards for:
- Project and environment structure
- Multi-region deployments
- High availability and failover strategies
-
- Lead architectural reviews for high-impact infrastructure changes.
- Ensure infrastructure supports high-scale, multi-tenant SaaS workloads.
-
- Kubernetes Platform (GKE):
- Architect and optimize Kubernetes (GKE) platforms for production workloads.
- Define and enforce:
- Cluster architecture and node pool strategies
- Workload isolation and scheduling policies
- Upgrade and lifecycle management strategies
-
- Improve reliability, scalability, and operational efficiency of Kubernetes environments.
-
- Networking Edge (Cloudflare):
- Design and manage secure and scalable cloud networking:
- VPCs, subnets, routing, and firewalls
- Load balancing and traffic routing
-
- Own integration with Cloudflare, including:
- CDN configuration
- WAF rules and DDoS protection
- Edge security and traffic management
-
- Ensure low-latency, resilient, and secure traffic flows.
-
- Identity Access Management (IAM):
- Design and enforce least-privilege IAM architecture across GCP and platform systems.
- Define standards for:
- Service accounts and roles
- Access control policies
- Just-in-time access and auditing
-
- Partner with Cyber Security to continuously improve access posture and reduce risk.
-
- Cloud Security Platform Hardening:
- Build and enforce secure-by-default infrastructure patterns.
- Partner closely with Cyber Security teams to:
- Identify and remediate vulnerabilities
- Implement security controls and guardrails
- Support threat modeling and risk assessments
-
- Secure Kubernetes workloads, networking layers, and cloud services.
-
- Infrastructure as Code Automation:
- Drive adoption and quality of Infrastructure as Code (IaC) using tools like Terraform.
- Build reusable infrastructure modules and automation frameworks.
- Ensure infrastructure changes are Auditable, Repeatable Safe
- Reduce manual operational work through automation.
-
- Reliability, DR Operational Readiness:
- Design and improve disaster recovery (DR) and failover strategies.
- Define and validate RTO / RPO objectives.
- Partner with SRE teams to improve Incident response, System resilience Operational readiness
- Participate in postmortems and drive systemic improvements.
-
- Performance Cost Optimization:
- Identify infrastructure inefficiencies and performance bottlenecks.
- Partner with FinOps and Cloud teams to:
- Optimize resource utilization
- Improve cost visibility and predictability
-
- Balance performance, reliability, and cost in architectural decisions.
-
- Technical Leadership Mentorship:
- Act as a technical leader across Cloud Infrastructure and Security domains.
- Mentor SDE2, SDE3, and Lead engineers.
- Drive design reviews, architecture discussions, and best practices.
- Influence teams across the organization without direct authority.
-
No Referrers Available
There are currently no referrers available for this job. You can still apply, will let you know once there is any referrer available.