Cloud Engineer (Google Cloud Platform Ops, Security & Governance)

Our client is hiring a Cloud Engineer (Google Cloud Platform Ops, Security & Governance) on a long-term contract basis.

Work Location: Englewood Cliffs, NJ
Work Model: In Office

Summary:

We are seeking a Cloud Engineer to join our OneData team. While you will help manage our core infrastructure, your primary focus will be on Governance, Security, and Observability. You will be responsible for implementing guardrails, tracking assets, and ensuring our IAM policies follow the principle of least privilege. You will use advanced Google Cloud Platform tools to audit our environment and ensure our transition to new infrastructure is secure by default.
This is a hands-on role ideal for an engineer looking to deepen their expertise in Cloud Operations, Infrastructure and Data Operations.

Responsibilities:

• Organization Policies: Define and enforce guardrails to prevent mistakes before they happen (e.g., configuring "Restrict Domain Sharing" to prevent external access or "Restrict Resource Location" to ensure data residency).
• Policy Intelligence: Utilize IAM Recommender and Policy Intelligence tools to identify users with over-provisioned access and remove permissions that haven't been used in 90+ days.
• IAM Architecture: Manage IAM roles at the Organization and Project levels, ensuring secure authentication and authorization for users and Service Accounts.
• Cloud Asset Inventory: Act as the owner of our cloud inventory. You will run queries to answer critical questions like "Which storage buckets are public?" or "Who has 'Editor' permission on this project?"
• Drift Detection: Monitor the environment and ensure all resources are properly tagged and accounted for.
• Project Factory: Move away from manual operations. Use Terraform to script the creation of new projects, automatically enabling the correct APIs, configuring logging sinks, and assigning standard IAM groups instantly.
• State Management: Maintain the Terraform state for our core infrastructure (GKE, Cloud SQL, VPCs).
• Monitoring & Alerting: Build comprehensive dashboards in Google Cloud Monitoring. Design intelligent alerts that distinguish between a true incident and background noise.
• Operational Health: Oversee the stability of our GKE clusters and Cloud Composer (Airflow) environments, troubleshooting performance bottlenecks and resource contention.
• Assist in migrating workloads to containerized and managed compute environments.
• Audit new infrastructure projects and ensure alignment with architecture and security standards.

Required Qualifications:

• Experience: 4+ years in Cloud Engineering, Security Operations, or Platform Engineering.
• Google Cloud Platform Governance Tools: You have specific, hands-on experience with Cloud Asset Inventory, Policy Intelligence, and Organization Policies.
• IAM Expert: You understand the hierarchy of Google Cloud Platform permissions and why we avoid basic roles (Owner/Editor) in production.
• Terraform Proficiency: You are comfortable writing modules to automate project setup and IAM assignments.
• Core Infrastructure: Solid understanding of Compute Engine, GKE, and Networking (VPC/Firewall rules).

Preferred (Bonus) Skills:

• Experience with Apache Airflow or Cloud Composer.
• Google Cloud Professional Cloud Security Engineer certification.
• Experience writing Python scripts to query Google Cloud Platform APIs for audit reports.

Pay Rate: $50 - $60
Job ID: 84058