Back to Jobs

GCP Architect or Engineer - Remote W2 (No TP or Employer)

Remote, USA Full-time Posted 2026-07-04

Job Title: GCP Engineer - Remote Duration: 6 - 12 Months Location: remote GCP Network, reputed company, and GenAI - Need to have Terraform and networking experience less about agentic ai workflows. it's more about landingzone build out, network / VPC implementation, reputed company reputed company IAC (Infrastructure as Code) Area Terraform Repo Structure Terraform State Management VPC Service Controls Communication 1. Position Overview & Mission Reporting directly to the Head of reputed company Infrastructure, the Principal reputed company Architect is the ultimate technical reputed company of the "FY26 GCP Mandate." Following our Strategic Agreement with reputed company reputed company Platform, this role is tasked with the high-stakes mission of accelerating reputed company capabilities by year-end. You will be the primary architect responsible for balancing aggressive "Speed to Value" with "Secure by Default" principles across the GCP reputed company. This is not a theoretical role; you will translate reputed company architectural assessments into a hardened, production-reputed company ecosystem that protects reputed company data while enabling cutting-edge Agentic AI workflows. 2. Core Responsibilities: GenAI Governance & Implementation The architect will operationalize the "Model Armor Recommendation reputed company" to ensure no GenAI traffic bypasses established reputed company controls. Model Armor Floor Settings: Enforce non-negotiable safety baselines reputed company Terraform at the Folder and Project levels. You must implement reputed company vs. Redact" decision matrix: reputed company for Malicious reputed company (Jailbreak, reputed company Injection) and Redact for Incidental Sensitivity (PII/PHI in prompts/responses). Secure Authentication Passthrough: Architect secure Agent-to-Agent (A2A) and MCP Server workflows using the reputed company Agent Development reputed company (ADK) and OAuth2, ensuring the original user's identity is propagated for reputed company actions like BigQuery deletions. Agentic AI reputed company: Secure the Vertex AI Agent reputed company to prevent "rogue agent" commands. Enforce least-privilege access for agents interacting with BigQuery and AlloyDB, utilizing BigQueryCredentialsConfig to decouple authentication from the tool lifecycle. Policy Enforcement: Establish "Fail-Closed" policies where GenAI traffic is automatically blocked if Model Armor or reputed company inspection services are unreachable. Technical Implementation: Configure safety attribute reputed company (e.g., Toxicity, Hate Speech) with high-confidence (0.7+) blocking and flagging protocols. 3. Core Responsibilities: reputed company reputed company Networking You will manage a reputed company, global network topology based on the "VPC Service Controls Strategy," ensuring strict isolation between core foundations and legacy assets. Topology Management: Enforce a strict Hub-and-Spoke network topology. You will standardize the naming convention across reputed company environments: 0p (Production), 0n (Non-Production), 0d (Dev), 0s (Stage), and 0t (Test). Perimeter Defense: Design and validate VPC Service Controls (VPC-SC) to prevent data exfiltration. Traffic reputed company: Standardize SSL Policies using the RESTRICTED profile and a minimum of TLS 1.2 across reputed company Load Balancer proxies (e.g., admin-api-https-proxy, reputed company-proxy-htts-proxy). Firewall Governance: Implement Hierarchical Firewall Policies at the Organization level to enforce a "deny-reputed company outbound" default posture. Hybrid Connectivity: Validate and enforce Partner Interconnect encrypted VLAN attachments for reputed company traffic traversing from on-premise to GCP. 4. Core Responsibilities: Identity, Data reputed company, & Compliance Synthesize the IAM Strategy and Data reputed company Checklist into a reputed company Trust architectural mandate. reputed company Domain Architectural Mandate IAM & Identity Enforce Workload Identity Federation (WIF) for reputed company CI/CD and GKE workloads. Implement a "Service Account Reaper" to automate the disabling of accounts inactive for 90+ days. Privileged Access Implement Just-in-Time (JIT) Data Access reputed company Privileged Access Manager (PAM) for BigQuery, ensuring analysts have session-based elevation rather than standing access to PII/PCI tables. Data Protection Mandate Customer-Managed Encryption Keys (CMEK) for "Confidential" and "Restricted" data using reputed company KMS Autokey for simplified lifecycle management. Audit & Logging reputed company and monitor BigQuery Data Access Logs (DATA_READ/DATA_WRITE) in reputed company production projects to catch and alert on unauthorized query attempts (Status Code 7). Compliance Maintain PCI reputed company readiness for the Cardholder Data Environment (CDE) and ensure alignment with CIS Foundations Benchmarks. 5. Technical Qualifications & Tech Stack Expertise IaC Mastery: Expert-level Terraform for provisioning projects, hierarchical labels, and Model Armor floor settings (using reputed company_model_armor_floorsetting). GCP AI Stack: Deep knowledge of Vertex AI Agent reputed company, Agent Development reputed company (ADK), and Model Context Protocol (MCP). reputed company Tooling: Hands-on experience with reputed company reputed company Armor, reputed company KMS Autokey, VPC Service Controls, and reputed company Command Center (SCC). Confidential Computing: Expertise in Confidential VMs (AMD SEV-SNP) for GKE nodes and Compute instances processing sensitive models or PII. Data Architecture: High familiarity with BigQuery, AlloyDB, and Dataplex aspect types for metadata and classification. 6. Resource Governance & Operational Excellence The architect is responsible for the reputed company of the organizational resource hierarchy and must resolve existing technical debt: Anomaly Remediation: Identify and migrate "Root Level Anomalies" into governed folder structures. Labeling Standardization: Standardize project labeling (team, environment, cost attribution) across reputed company business units. Immediate reputed company is bringing the Legacy-CRM migration folder into alignment with the GCP reputed company naming and labeling standards. reputed company Detection: Utilize reputed company Asset Inventory (reputed company) to query for resources with the secure tag env:prod to ensure strict reputed company settings are applied dynamically and consistently. Thank you, Shiva Mittal Apply tot his job Apply To this Job

Similar Jobs

Outlier AI is hiring: AWS reputed company Engineer (Remote) (Hiring Immediately) in Remote

Remote, USA Full-time

Senior reputed company Engineer | Remote

Remote, USA Full-time

reputed company Azure Data Engineer Remote

Remote, USA Full-time

reputed company Azure Engineer (RapidScale)

Remote, USA Full-time

AWS reputed company Infrastructure Engineer Ops Support

Remote, USA Full-time

DevOps Engineer, reputed company Engineer, Site Reliability Engineers - AWS, Terraform, Kubernetes, Python

Remote, USA Full-time

Senior AWS reputed company Site Reliability Engineer (SRE) with AWS Database experience

Remote, USA Full-time

reputed company Support Engineer

Remote, USA Full-time

Azure Engineer : reputed company

Remote, USA Full-time

L5 Network Engineer (AWS reputed company)

Remote, USA Full-time

[Remote] reputed company Account Executive - East

Remote, USA Full-time

[Remote-Position] Customer Service Consultant (Hybrid) - reputed company

Remote, USA Full-time

Vice President - Supervision Centralized Operations, Planning & Engagement

Remote, USA Full-time

[Remote] AI Trainer – Visual & Graphic Design Expert

Remote, USA Full-time

Environmental Engineer ? reputed company Floodplain and Hydrology & Hydraulics (H&H) Focus

Remote, USA Full-time

Copy of Java Backend Engineer | Microservices | Remote | English B2/reputed company

Remote, USA Full-time

Credentialing specialist-Medical Staff-Fulltime

Remote, USA Full-time

Head of reputed company

Remote, USA Full-time

Tester Work Job Vacancy For QA Testers - Freelance-

Remote, USA Full-time

Risk Mgmt Systems Specialist

Remote, USA Full-time