About the role
We’re looking for a GCP Cloud Architect to Operate, design, build, and secure high-availability, cost-efficient platforms on Google Cloud. You’ll own end-to-end architecture, from VPC design and container orchestration to data/AI workloads and DevSecOps, while guiding engineering teams toward operational excellence.
What you’ll do
• Architecture & Delivery Design scalable, resilient reference architectures on Google Cloud Platform (GCP) using VPC, Cloud Load Balancing, Persistent Disks, Cloud Storage, Compute Engine, App Engine, and Google Kubernetes Engine (GKE). Lead containerization and container orchestration strategies; standardize deployments with Helm and GitOps-friendly workflows. Define data architecture patterns using CloudSQL, Memorystore, BigQuery, and integrate Vertex AI for ML/AI use cases.
• Platform Engineering & Automation Implement Infrastructure as Code with Terraform; enforce modular, reusable stacks and environment promotion. Establish/optimize CI/CD pipelines with GitLab and Jenkins; integrate SonarQube for code quality and security gates.
• Security, Compliance & Resilience Drive DevSecOps practices; embed security scanning and policy as code. Implement org-level controls with Google Security Command Center; integrate IAM with OneLogin (SSO/SCIM/OIDC). Own WAF strategy: operate current Reblaze WAF and plan/migrate to Cloud Armor; manage DDoS protection with Cloud Armor and best-practice network patterns.
• SRE & Operations Set up observability and SLOs using Cloud Operations Suite (Logging, Monitoring, Tracing); enable autoscaling and self-healing. Champion cost governance (rightsizing, committed use, storage lifecycle) and disaster recovery (RTO/RPO, backups).
• Leadership & Governance Run architecture reviews, threat models, and design workshops; mentor engineers and standardize patterns via ADRs and blueprints. Collaborate with product, data, and security stakeholders; maintain a living cloud roadmap.
Required skills & experience
• Core GCP: GCP org/project structure, VPC design (subnets, peering, Shared VPC), Cloud Load Balancing, Persistent Disks, Cloud Storage, Compute Engine, App Engine.
• Containers: GKE cluster architecture (node pools, autoscaling, upgrades), Helm packaging, registry and supply-chain security.
• Data & AI: CloudSQL, Memorystore, BigQuery architecture/performance, Vertex AI pipelines/inference integration patterns.
• DevOps/Platform: Terraform (workspaces/modules), GitLab (repos, runners), Jenkins, CI/CD Pipeline best practices, SonarQube quality gates.
• Security: Google Security Command Center, IAM (workload identity, least privilege) and OneLogin federation, DevSecOps tooling, WAF (Reblaze current Cloud Armor planned), DDoS management / Cloud Armor.
• Operations: Cloud Operations Suite (Monitoring/Logging/Trace), incident management, SLOs/error budgets, capacity planning, runbooks.
• Ways of Working: Strong documentation, design reviews, and stakeholder communication; ability to lead delivery across multiple teams.
Nice to have
• Kubernetes certs (CKA/CKS), FinOps experience, SRE background, policy-as-code (OPA/Gatekeeper), service mesh (Anthos/ASM/Istio), eventing (Pub/Sub), data pipelines (Dataflow/Dataproc), scripting (Python/Go), and experience with regulated environments (SOC2/PCI/ISO 27001).
Certifications (preferred)
• Google Professional Cloud Architect (strongly preferred)
• Google Professional Cloud DevOps Engineer and/or Professional Data Engineer
• CKA/CKS (Linux Foundation)
Success metrics
• Reduction in infra cost per workload; improved SLO attainment and MTTR.
• Secure baselines adopted org-wide; automated policy checks in CI/CD.
• Measurable improvements in deployment frequency and lead time.
• Successful WAF transition to Cloud Armor and standardized DDoS posture.
Tech stack you’ll work with
GCP: GKE, Compute Engine, App Engine, Cloud Storage, CloudSQL, Memorystore, BigQuery, Vertex AI, Persistent Disks, VPC, Cloud Load BalancingDevOps: Terraform, Helm, GitLab, Jenkins, SonarQube, CI/CDSecurity: Google Security Command Center, IAM (OneLogin), WAF (Reblaze Cloud Armor), Cloud Armor DDoSObservability: Cloud Operations SuitePractices: DevSecOps, SRE, Infrastructure as Code, Container orchestration
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.