DevOps Lead

We are looking for an experienced Infrastructure Engineer with deep Google Cloud Platform (GCP) networking expertise to design, build, automate, and operate cloud network services at scale. The role includes DNS as a Service offering, IP Address Management (IPAM), integrations with ServiceNow, FinOps automation (including tagging), Terraform-based infrastructure as code, and policy as code for compliance. You’ll partner with Operations, Security, FinOps, and Platform Engineering to deliver reliable, compliant, and cost-optimized cloud networking services.

• Network Design & Operations (GCP)
  • Design, implement, and operate GCP networking: VPCs, subnets, routing (Cloud Router/BGP), VPC peering, Private Service Connect, Cloud NAT, Cloud Firewall, Cloud Armor, load balancing (L7/L4).
  • Build scalable DNS and IPAM capabilities (DDI) across cloud and hybrid environments; manage Cloud DNS, forwarders, split-horizon, and DNSSECwhere applicable.
  • Define and enforce network security controls and segmentation aligned withcompliance frameworks and internal policies.
  • Troubleshoot complex network issues using packet capture, flow logs, and observability tooling.
• DNS as a Service (DNSaaS)
  • Own design and rollout of DNS as a Service—self-service APIs/portals, rolebased access, change governance, auditability, and automated validations.
  • Standardize DNS zones, records, naming conventions, and lifecyclemanagement across environments.
• IP Address Management (IPAM)
  • Implement and manage IPAM across GCP and hybrid networks; maintain authoritative inventory of IP allocations, subnets, and DHCP scopes.
  • Integrate IPAM with provisioning pipelines and ServiceNow for streamlined requests and approvals.
• Automation & Integrations
  • Develop automation for provisioning, changes, tagging, and governance using Python (and optionally Go) and CI/CD pipelines.
  • Build integrations with ServiceNow (CMDB, Change, Catalog), FinOps platforms, tagging workflows, and reporting.
  • Author and maintain Terraform modules for network patterns; establish standards and reusable templates.
• Policy as Code & Compliance
  • Implement policy as code using OPA/Conftestor Sentinel; enforce guardrails on Terraform plans and runtime configs.
  • Build compliance controls and continuous validation (CIS benchmarks, least privilege, route/firewall policies, DNS change governance).
• Cost Optimization (FinOps)
  • Partner with FinOps to drive cost visibility and optimization: resource tagging automation, rightsizing, data egress analysis, load balancer/caching strategies, and vanity/private endpoints.
  • Integrate with FinOps tooling (e.g., Apptio, Turbonomic) to analyze utilization and automate recommendations.
• Reliability & Observability
  • Establish SLOs for network services (DNS, routing, LB, NAT); build dashboards, alerts, and runbooks.
  • Participate in on-call rotation and continuous improvement via post-incident reviews.

• 5–10+ years in infrastructure/network engineering with 3+ years focused on GCP networking.
• Strong hands-on with: GCP: VPC, subnets, Cloud Router/BGP, VPC peering, Private Service Connect, Cloud NAT, Cloud Firewall, Cloud Armor, global/regional load balancers, Cloud DNS. DNS/IPAM/DDI concepts: authoritative/recursive DNS, split-horizon, DNSSEC, record types (A/AAAA/CNAME/TXT/SRV), DHCP lease management.
• Automation & IaC: Terraform (authoring modules, state management, workspaces), Python scripting, CI/CD (GitHub Actions/GitLab CI/Azure DevOps).
• Policy as Code: OPA/Conftestor HashiCorp Sentinel; pre-commit hooks and plan enforcement.
• ServiceNow integrations: Catalog/Change/CMDB; API-based workflows for provisioning and approvals.
• Solid understanding of network security (firewalls, segmentation, WAF/CDN, identity-aware proxies, TLS, certificates).
• Experience with observability (logs/metrics/traces), flow logs, packet capture tools, and performance tuning.
• Strong documentation, stakeholder communication, and operational discipline (runbooks, change governance).

• Experience with Apptio, Turbonomic for cost and performance optimization.
• Hands-on with DDI platforms (e.g., Infoblox, BlueCat), PKI/cert management.
• Kubernetes networking (CNI, Ingress, Service Mesh, NetworkPolicies).
• Multi-cloud exposure (AWS/Azure) and hybrid connectivity (VPN, Direct Peering/Interconnect).
• GCP Professional Cloud Network Engineer certification; Terraform Associate.
• Experience with RESTful API design, event-driven automation, and GitOps practice.

• Timely support internal & external customers escalations on multiple platforms.
• Troubleshoot the various problems that arise in implementation of DevOps tools across the project/ module.
• Perform root cause analysis of major incidents/ critical issues which may hamper project timeliness, quality or cost.
• Develop alternate plans/ solutions to be implemented as per root cause analysis of critical problems.