Demo

Senior GCP Architect & Engineer

Zion Cloud Solutions
Deerfield, IL Full Time
POSTED ON 12/1/2025 CLOSED ON 1/1/2026

What are the responsibilities and job description for the Senior GCP Architect & Engineer position at Zion Cloud Solutions?

Job Title: Senior Google Cloud Architect – Infrastructure & Network

Location: Remote (Office in Deerfield, IL)

Department: Google Practice

Reports To: Head of Google Practice


Key Responsibilities

Landing Zone Architecture: 

  • Design and deploy multi-tenant, multi-region landing zones using Google Cloud Organizations, Folders, and Projects to enforce resource isolation and governance. 
  • Implement custom IAM roles, policies, and Organization Policy constraints (e.g., restricting public IPs, enforcing VPC Service Controls) to align with enterprise security baselines. 
  • Set up centralized logging and monitoring with Cloud Logging, Cloud Monitoring, and BigQuery for audit trails and operational insights across landing zones.

Advanced Networking: 

  • Architect VPC topologies, including Shared VPCs with service projects, VPC peering, and subnet segmentation for microservices and hybrid workloads. 
  • Configure hybrid connectivity using Dedicated Interconnect or Partner Interconnect, paired with Cloud Router for dynamic BGP routing between on-premises data centers and GCP. 
  • Deploy Cloud NAT, Private Google Access, and DNS Hub to secure egress/ingress traffic and enable private Kubernetes clusters or GCE instances.

Security Hardening: 

  • Integrate VPC Service Controls to create security perimeters around sensitive data, preventing exfiltration risks in multi-project environments. 
  • Deploy policies for DDoS protection, WAF rules, and geo-based access controls at the edge. 
  • Configure KMS for customer-managed encryption keys (CMEK) and HSM integration to secure data at rest and in transit, ensuring compliance with standards like NIST 800-53 or CIS benchmarks.

Control Plane & Automation: 

  • Build a fully automated control plane using Terraform to provision VPCs, subnets, firewall rules, GKE clusters, and service accounts with least-privilege principles. 
  • Leverage Google Cloud Deployment Manager or Anthos Config Management for policy-as-code enforcement across landing zones. 
  • Script custom automation workflows (Python, Go) to integrate with Cloud Build CI/CD pipelines for infrastructure provisioning and validation.

Cost Governance & Optimization: 

  • Implement Billing Accounts with hierarchical cost allocation and create dashboards for real-time cost visibility. 
  • Optimize workloads by recommending preemptible VMs, sustained-use discounts, or committed use contracts, balancing cost with SLAs. 
  • Identify idle resources, over-provisioned instances, or unutilized IP ranges, driving continuous cost efficiency.

Technical Leadership: 

  • Collaborate with application teams to integrate landing zones with GKE, Cloud Run, or App Engine workloads, ensuring seamless network and security alignment. 
  • Troubleshoot complex issues—e.g., BGP convergence delays, IAM permission sprawl, or GKE pod networking failures—using tools like Packet Mirroring and Trace. 
  • Lead architecture reviews, produce detailed HLD/LLD documents and evangelize GCP best practices within the team.


Qualifications

      Experience: 

  • 7 years in cloud infrastructure engineering, with 3 years architecting GCP environments at scale. 
  • Demonstrated success in deploying production landing zones with 10 projects, hybrid connectivity, and 100 VPCs/subnets. 
  • Hands-on experience debugging L3/L4 network issues (e.g., MTU mismatches, NAT traversal) and securing multi-cloud or hybrid setups.

Technical Skills: 

  • Mastery of GCP networking stack: VPC, Cloud Router, Load Balancers (Global/Regional), Traffic Director, and Hybrid Connectivity options. 
  • Expert-level proficiency with Terraform HCL for multi-module deployments, including provider-level integrations with GCP APIs. 
  • Deep knowledge of GCP security tools: Security Command Center, Chronicle, Forseti, and Cloud DLP for data classification and redaction. 
  • Experience with GKE networking (e.g., Calico CNI, Network Policy), Anthos Service Mesh, or Istio for microservices deployments. 
  • Fluency in scripting (Python, Bash, or Go) and querying BigQuery for cost/performance analysis.

Certifications (Preferred): 

  • Google Cloud Professional Cloud Architect 
  • Google Cloud Professional Network Engineer 
  • Google Cloud Professional Security Engineer 
  • HashiCorp Certified: Terraform Associate

Soft Skills: 

  • Ability to dissect RFCs or GCP whitepapers and translate them into actionable designs. 
  • Strong communication skills to whiteboard complex architectures for CTOs or debug live with SREs. 
  • Comfortable leading under pressure, e.g., resolving P1 outages tied to misconfigured firewall rules or IAM deny policies.



Salary.com Estimation for Senior GCP Architect & Engineer in Deerfield, IL
$108,466 to $133,774
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Senior GCP Architect & Engineer?

Sign up to receive alerts about other jobs on the Senior GCP Architect & Engineer career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$108,098 - $130,480
Income Estimation: 
$131,611 - $156,576
Income Estimation: 
$129,363 - $167,316
Income Estimation: 
$145,845 - $177,256
Income Estimation: 
$147,836 - $182,130
Income Estimation: 
$154,597 - $194,610
Income Estimation: 
$86,891 - $130,303
This job has expired.
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Zion Cloud Solutions

Cybersecurity Engineer
Apply
  • Zion Cloud Solutions Washington, DC
  • Job Title: Cybersecurity Engineer Location: Washington, DC - Remote/Hybrid - On Approval based Duration: 1 4 Option Years Key Responsibilities Design and i... more
  • 4 Days Ago
Senior Security Operations Engineer
Apply
  • Zion Cloud Solutions Washington, DC
  • Position: Senior Security Operations Engineer Location: Hybrid / Washington, DC 20024 Duration: Long Term Contract With potential extension. Technical Skil... more
  • 4 Days Ago
Records Management Specialist
Apply
  • Zion Cloud Solutions Washington, DC
  • Position: Records Management Specialist Location: Hybrid / Washington, DC 20024 Duration: Long Term Contract With potential extension. Technical Skills: Mi... more
  • 4 Days Ago
Senior Business Systems Analyst
Apply
  • Zion Cloud Solutions Las Vegas, NV
  • Position: Senior Business Systems Analyst Location: Las Vegas, NV 89106, (on-site for the first 8 weeks and thereafter, hybrid Duration: Long Term Contract... more
  • 4 Days Ago
View More Jobs at Zion Cloud Solutions

Not the job you're looking for? Here are some other Senior GCP Architect & Engineer jobs in the Deerfield, IL area that may be a better fit.

Senior Google Cloud Platform (GCP) Technical Architect
Apply
  • CoSourcing Partners Chicago, IL
  • Senior Google Cloud Platform (GCP) Technical Architect Location: Chicago, IL (Hybrid flexibility available) Employment Type: Full-Time, Direct Hire Compens... more
  • 14 Days Ago
Senior Data Architect (AWS, Azure, GCP)
Apply
  • CapTech Consulting Chicago, IL
  • Company Description CapTech is an award-winning consulting firm that collaborates with clients to achieve what’s possible through the power of technology. ... more
  • 1 Month Ago
View More Jobs

AI Assistant is available now!

Feel free to start your new journey!