Track Lead - Terraform,Python,Google Cloud Build,Ansible

Job Summary

We are looking for a highly experienced GCP Solution Architect with a proven track record of designing and delivering enterprise-grade cloud solutions on Google Cloud Platform (GCP). The ideal candidate will have deep expertise in migrating complex on-premises workloads to GCP, crafting architecture blueprints (HLD/LLD), and delivering operational documentation including runbooks, design documents, CI/CD pipelines, and Infrastructure as Code using Terraform.

Key Responsibilities

• Lead end-to-end cloud architecture design for large-scale GCP engagements.
• Create and own High-Level Design (HLD) documents covering network topology, compute, storage, security, and integration patterns.
• Develop detailed Low-Level Design (LLD) documents specifying configurations, IP schemes, firewall rules, IAM policies, and resource specifications.
• Design multi-region, highly available, and fault-tolerant architectures on GCP.
• Define reference architectures, technology standards, and best practices for GCP adoption. On-Premises to GCP Cloud Migration • Lead and execute migration of on-prem workloads (VMs, databases, applications) to GCP using tools like Migrate for Compute Engine, Database Migration Service (DMS), and Transfer Appliance.
• Conduct discovery and assessment of existing infrastructure to build migration roadmaps and wave plans.
• Define migration strategies: Rehost (Lift & Shift), Replatform, Refactor, and Rearchitect.
• Manage cutover planning, rollback strategies, and post-migration validation.
• Ensure zero or minimal downtime during migration events. Documentation • Author and maintain comprehensive Design Documents covering solution architecture, data flows, integration points, and technology decisions.
• Produce operational Runbooks for deployment, maintenance, incident response, failover, and DR procedures.
• Develop Solution Architecture Documents (SADs) and Architecture Decision Records (ADRs).
• Create and maintain As-Built Documents post-deployment to reflect actual environment configurations.
• Prepare capacity planning documents and cost optimization reports. Infrastructure as Code – Terraform • Design and develop modular, reusable Terraform code for GCP resources (VPC, GKE, Cloud SQL, Pub/Sub, IAM, Cloud Armor, etc.).
• Implement and enforce Terraform best practices: remote state management (GCS backend), workspace strategy, and module versioning.
• Code review and governance for IaC contributions across teams.
• Integrate Terraform with CI/CD pipelines for automated provisioning and drift detection. CI/CD Pipelines • Design and implement CI/CD pipelines using Cloud Build, GitHub Actions, GitLab CI, Jenkins, or Tekton.
• Establish Git Ops workflows for infrastructure and application deployments.
• Integrate security scanning (SAST, container scanning) and policy checks into pipelines.
• Define pipeline standards for blue/green, canary, and rolling deployments on GKE. Security & Compliance • Implement GCP security best practices: VPC Service Controls, Beyond Corp, Cloud Armor, Secret Manager, CMEK.
• Design IAM policies following the principle of least privilege.
• Ensure architectures meet compliance standards (ISO 27001, SOC 2, PCI-DSS, HIPAA) where applicable.
• Conduct architecture and security reviews and threat modelling. Stakeholder & Team Collaboration • Engage with business stakeholders to translate requirements into technical solutions.
• Present and defend architectural decisions to senior leadership and technical teams.
• Mentor and guide junior architects, cloud engineers, and DevOps teams.
• Collaborate with application teams, security teams, and network teams across the organisation. Required Technical Skills & Experience Skill Area Technologies / Tools Experience Required GCP Core Services Compute Engine, GKE, Cloud Run, Cloud SQL, Spanner, Big Query, Pub/Sub, Cloud Storage, VPC, Cloud DNS 8+ years On-Prem to Cloud Migration Migrate for Compute Engine, DMS, Transfer Appliance, VPN/Interconnect 5+ years Terraform / IaC Terraform (modules, workspaces, remote state), Terragrunt 5+ years CI/CD Pipelines Cloud Build, GitHub Actions, GitLab CI, Jenkins, Tekton, ArgoCD 5+ years HLD / LLD Documentation Visio, Lucidchart, draw.io, Confluence 7+ years Security VPC SC, IAM, Cloud Armor, Beyond Corp, CMEK

Skill Requirements

• Lead end-to-end cloud architecture design for large-scale GCP engagements.
• Create and own High-Level Design (HLD) documents covering network topology, compute, storage, security, and integration patterns.
• Develop detailed Low-Level Design (LLD) documents specifying configurations, IP schemes, firewall rules, IAM policies, and resource specifications.
• Design multi-region, highly available, and fault-tolerant architectures on GCP.
• Define reference architectures, technology standards, and best practices for GCP adoption. On-Premises to GCP Cloud Migration • Lead and execute migration of on-prem workloads (VMs, databases, applications) to GCP using tools like Migrate for Compute Engine, Database Migration Service (DMS), and Transfer Appliance.
• Conduct discovery and assessment of existing infrastructure to build migration roadmaps and wave plans.
• Define migration strategies: Rehost (Lift & Shift), Replatform, Refactor, and Rearchitect.
• Manage cutover planning, rollback strategies, and post-migration validation.
• Ensure zero or minimal downtime during migration events. Documentation • Author and maintain comprehensive Design Documents covering solution architecture, data flows, integration points, and technology decisions.
• Produce operational Runbooks for deployment, maintenance, incident response, failover, and DR procedures.
• Develop Solution Architecture Documents (SADs) and Architecture Decision Records (ADRs).
• Create and maintain As-Built Documents post-deployment to reflect actual environment configurations.
• Prepare capacity planning documents and cost optimization reports. Infrastructure as Code – Terraform • Design and develop modular, reusable Terraform code for GCP resources (VPC, GKE, Cloud SQL, Pub/Sub, IAM, Cloud Armor, etc.).
• Implement and enforce Terraform best practices: remote state management (GCS backend), workspace strategy, and module versioning.
• Code review and governance for IaC contributions across teams.
• Integrate Terraform with CI/CD pipelines for automated provisioning and drift detection. CI/CD Pipelines • Design and implement CI/CD pipelines using Cloud Build, GitHub Actions, GitLab CI, Jenkins, or Tekton.
• Establish Git Ops workflows for infrastructure and application deployments.
• Integrate security scanning (SAST, container scanning) and policy checks into pipelines.
• Define pipeline standards for blue/green, canary, and rolling deployments on GKE. Security & Compliance • Implement GCP security best practices: VPC Service Controls, Beyond Corp, Cloud Armor, Secret Manager, CMEK.
• Design IAM policies following the principle of least privilege.
• Ensure architectures meet compliance standards (ISO 27001, SOC 2, PCI-DSS, HIPAA) where applicable.
• Conduct architecture and security reviews and threat modelling. Stakeholder & Team Collaboration • Engage with business stakeholders to translate requirements into technical solutions.
• Present and defend architectural decisions to senior leadership and technical teams.
• Mentor and guide junior architects, cloud engineers, and DevOps teams.
• Collaborate with application teams, security teams, and network teams across the organisation. Required Technical Skills & Experience Skill Area Technologies / Tools Experience Required GCP Core Services Compute Engine, GKE, Cloud Run, Cloud SQL, Spanner, Big Query, Pub/Sub, Cloud Storage, VPC, Cloud DNS 8+ years On-Prem to Cloud Migration Migrate for Compute Engine, DMS, Transfer Appliance, VPN/Interconnect 5+ years Terraform / IaC Terraform (modules, workspaces, remote state), Terragrunt 5+ years CI/CD Pipelines Cloud Build, GitHub Actions, GitLab CI, Jenkins, Tekton, ArgoCD 5+ years HLD / LLD Documentation Visio, Lucidchart, draw.io, Confluence 7+ years Security VPC SC, IAM, Cloud Armor, Beyond Corp, CMEK

Other Requirements

• Lead end-to-end cloud architecture design for large-scale GCP engagements.
• Create and own High-Level Design (HLD) documents covering network topology, compute, storage, security, and integration patterns.
• Develop detailed Low-Level Design (LLD) documents specifying configurations, IP schemes, firewall rules, IAM policies, and resource specifications.
• Design multi-region, highly available, and fault-tolerant architectures on GCP.
• Define reference architectures, technology standards, and best practices for GCP adoption. On-Premises to GCP Cloud Migration • Lead and execute migration of on-prem workloads (VMs, databases, applications) to GCP using tools like Migrate for Compute Engine, Database Migration Service (DMS), and Transfer Appliance.
• Conduct discovery and assessment of existing infrastructure to build migration roadmaps and wave plans.
• Define migration strategies: Rehost (Lift & Shift), Replatform, Refactor, and Rearchitect.
• Manage cutover planning, rollback strategies, and post-migration validation.
• Ensure zero or minimal downtime during migration events. Documentation • Author and maintain comprehensive Design Documents covering solution architecture, data flows, integration points, and technology decisions.
• Produce operational Runbooks for deployment, maintenance, incident response, failover, and DR procedures.
• Develop Solution Architecture Documents (SADs) and Architecture Decision Records (ADRs).
• Create and maintain As-Built Documents post-deployment to reflect actual environment configurations.
• Prepare capacity planning documents and cost optimization reports. Infrastructure as Code – Terraform • Design and develop modular, reusable Terraform code for GCP resources (VPC, GKE, Cloud SQL, Pub/Sub, IAM, Cloud Armor, etc.).
• Implement and enforce Terraform best practices: remote state management (GCS backend), workspace strategy, and module versioning.
• Code review and governance for IaC contributions across teams.
• Integrate Terraform with CI/CD pipelines for automated provisioning and drift detection. CI/CD Pipelines • Design and implement CI/CD pipelines using Cloud Build, GitHub Actions, GitLab CI, Jenkins, or Tekton.
• Establish Git Ops workflows for infrastructure and application deployments.
• Integrate security scanning (SAST, container scanning) and policy checks into pipelines.
• Define pipeline standards for blue/green, canary, and rolling deployments on GKE. Security & Compliance • Implement GCP security best practices: VPC Service Controls, Beyond Corp, Cloud Armor, Secret Manager, CMEK.
• Design IAM policies following the principle of least privilege.
• Ensure architectures meet compliance standards (ISO 27001, SOC 2, PCI-DSS, HIPAA) where applicable.
• Conduct architecture and security reviews and threat modelling. Stakeholder & Team Collaboration • Engage with business stakeholders to translate requirements into technical solutions.
• Present and defend architectural decisions to senior leadership and technical teams.
• Mentor and guide junior architects, cloud engineers, and DevOps teams.
• Collaborate with application teams, security teams, and network teams across the organisation. Required Technical Skills & Experience Skill Area Technologies / Tools Experience Required GCP Core Services Compute Engine, GKE, Cloud Run, Cloud SQL, Spanner, Big Query, Pub/Sub, Cloud Storage, VPC, Cloud DNS 8+ years On-Prem to Cloud Migration Migrate for Compute Engine, DMS, Transfer Appliance, VPN/Interconnect 5+ years Terraform / IaC Terraform (modules, workspaces, remote state), Terragrunt 5+ years CI/CD Pipelines Cloud Build, GitHub Actions, GitLab CI, Jenkins, Tekton, ArgoCD 5+ years HLD / LLD Documentation Visio, Lucidchart, draw.io, Confluence 7+ years Security VPC SC, IAM, Cloud Armor, Beyond Corp, CMEK