GKE Cluster Engineer

• The GCP Kubernetes Platform Engineer is responsible for designing, provisioning, and operating secure, scalable Google Kubernetes Engine (GKE) clusters that host containerized microservices across development, test, and production environments.

• This role enables application teams by delivering hardened Kubernetes platforms, automated CI/CD pipelines, standardized deployment patterns, and enterprise grade observability, security, and reliability.

• The engineer will work closely with application, DevSecOps, and SRE teams to ensure consistent, compliant, and repeatable Kubernetes based deployments on Google Cloud Platform (GCP).
  

Key Responsibilities:

GKE Cluster Provisioning & Configuration:

• Design, create, and manage Google Kubernetes Engine (GKE) clusters in Standard or Autopilot mode

• Configure Kubernetes versions and release channels aligned with platform standards

• Define and manage node pools (machine types, sizing, autoscaling policies)

• Enable cluster level capabilities such as autoscaling, logging, monitoring, and self-healing

• Manage cluster access and credentials for secure kubectl and automation access

Containerization of Microservices:

• Build and package microservices as OCI compliant container images

• Define runtime configurations, environment variables, and startup parameters

• Push and manage container images in GCP Artifact Registry or approved registries

• Enforce image versioning and immutability for repeatable deployments

• Optimize image size and security posture

Kubernetes Resource Definition & Configuration:

• Author and maintain Kubernetes manifests and templates (YAML / Helm / Kustomize)

• Define Deployments, StatefulSets, Jobs, and CronJobs as required

• Configure Services for internal discovery and load balancing

• Manage ConfigMaps and Secrets securely

• Implement Horizontal Pod Autoscalers (HPA) and resource requests/limits

Traffic Exposure, Ingress & Routing:

• Configure Kubernetes Service types (ClusterIP, LoadBalancer, NodePort)

• Design and implement Ingress, Gateway API, or Istio routing rules

• Integrate DNS, TLS certificates, and HTTPS termination

• Optionally integrate service mesh capabilities for advanced traffic management

Observability & Operations Enablement:

• Enable and integrate logging and monitoring using Google Cloud Operations

• Configure liveness, readiness, and startup probes

• Define alerts and dashboards for cluster and application health

• Enable autoscaling, self-healing, and resiliency best practices

CI/CD & Release Automation:

• Integrate CI pipelines to build, scan, and push container images

• Integrate CD pipelines to deploy Kubernetes manifests using GitOps or pipeline driven models

• Automate progressive delivery strategies (rolling, canary, blue, Green)

• Enable automated rollbacks and deployment verification

Container Security & Hardened Image Standards:

• Develop technical design notes and configuration specifications for hardened base images

• Enforce the use of Chainguard minimal, distroless, and secure container images

• Define policies for image provenance, vulnerability scanning, and runtime enforcement

• Collaborate with security teams to implement DevSecOps guardrails
  

Required Skills & Qualifications:

Technical Skills:

• Strong hands-on experience with Google Kubernetes Engine (GKE)

• Deep knowledge of Kubernetes primitives and cluster operations

• Containerization expertise using Docker / OCI images

• Experience with Ingress, Load Balancing, DNS, and TLS

• CI/CD tools and GitOps workflows

• Infrastructure as Code experience (Terraform preferred)

• Observability and monitoring in cloud Native environments

Security & Compliance:

• Container image hardening and vulnerability management

• Experience with hardened base images (Chainguard preferred)

• Secure secrets management and RBAC
  

Soft Skills:

• Strong documentation and design skills

• Ability to collaborate across platform, application, and security teams

• Client facing communication and delivery mindset
  

Preferred Qualifications:

• Google Cloud Professional certifications (Cloud Architect / DevOps Engineer)

• Experience with service mesh (Istio / Gateway API)

• SRE or Platform Engineering background

• Experience supporting regulated or enterprise environments
  
  

The pay range that the employer in good faith reasonably expects to pay for this position is $36.98/hour - $57.79/hour. Our benefits include medical, dental, vision and retirement benefits. Applications will be accepted on an ongoing basis.

Tundra Technical Solutions is among North America’s leading providers of Staffing and Consulting Services. Our success and our clients’ success are built on a foundation of service excellence. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Unincorporated LA County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: client provided property, including hardware (both of which may include data) entrusted to you from theft, loss or damage; return all portable client computer hardware in your possession (including the data contained therein) upon completion of the assignment, and; maintain the confidentiality of client proprietary, confidential, or non-public information. In addition, job duties require access to secure and protected client information technology systems and related data security obligations.

Salary : $37 - $58