Key skills
PythonBashPowerShellAWSGCPGoogle CloudTerraformKubernetesDockerJenkinsGitHub ActionsGKEHelmIAMCloud BuildGitHubSource ControlRepositoryCI/CDLeadershipCommunicationCollaborationSonarQubeCloud Security
About this role
Sonatype is the software supply chain security company, providing end-to-end software supply chain security solutions. The GCP DevOps Engineer will design and automate the engineering platform and delivery systems on GCP, improving reliability and security while guiding teams on best practices.
Responsibilities:
- Design, implement, and evolve GCP-based infrastructure using Infrastructure as Code with Terraform and Google Cloud deployment automation patterns
- Build and maintain scalable CI/CD pipelines using Cloud Build, GitHub Actions, Jenkins, or equivalent platforms for application, infrastructure, and platform workloads
- Administer and optimize GCP delivery workflows including Cloud Build triggers, Artifact Registry, source integrations, deployment approvals, and service account access patterns
- Partner with engineering teams to improve build, release, and deployment workflows across microservices and cloud-native applications
- Implement robust observability across systems using Google Cloud Operations Suite, Cloud Logging, Cloud Monitoring, and related telemetry tooling
- Strengthen platform security by integrating secrets management, policy enforcement, vulnerability scanning, and least-privilege access control
- Manage and optimize containerized environments using Kubernetes, Helm, and Google Kubernetes Engine (GKE)
- Drive reliability engineering practices including incident response, root cause analysis, SLO thinking, and automated remediation where appropriate
- Standardize reusable templates, modules, and platform patterns that improve developer productivity and consistency
- Mentor engineers and provide technical leadership on GCP architecture, deployment automation, release governance, and DevSecOps practices
Requirements:
- Strong experience in DevOps, platform engineering, or site reliability engineering roles supporting modern software delivery
- Deep hands-on expertise with Google Cloud Platform, including compute, networking, IAM, storage, monitoring, and security services
- Strong experience with GCP-native or integrated CI/CD pipeline design for multiple application stacks and deployment patterns
- Experience with Infrastructure as Code using Terraform, Deployment Manager alternatives, or equivalent automation frameworks
- Proficiency with containers and orchestration platforms such as Docker and Kubernetes, preferably with GKE experience
- Experience with scripting and automation using Python, Bash, PowerShell, or similar languages
- Solid understanding of source control workflows, package management, artifact promotion, and release strategies
- Experience implementing observability, logging, alerting, and operational dashboards for production systems
- Strong understanding of cloud security, IAM, secrets management, compliance controls, and secure software delivery practices
- Excellent collaboration and communication skills, with the ability to influence technical direction across teams
- Experience with GitHub, SonarQube, Nexus Repository, or software supply chain security tooling
- Familiarity with multi-cloud environments and migration patterns from AWS or on-premises platforms
- Exposure to policy-as-code, platform engineering, developer portals, or internal developer platform concepts
- Experience supporting regulated or enterprise-scale environments with strong governance requirements