Job Description

We are looking for an experienced Infrastructure Engineer with deep Google Cloud Platform (GCP) networking expertise to design, build, automate, and operate cloud network services at scale. The role includes DNS as a Service offering, IP Address Management (IPAM), integrations with ServiceNow, FinOps automation (including tagging), Terraform-based infrastructure as code, and policy as code for compliance. You’ll partner with Operations, Security, FinOps, and Platform Engineering to deliver reliable, compliant, and cost-optimized cloud networking services.

Key Responsibilities:

•  Design, implement, and operate GCP networking: VPCs, subnets, routing (Cloud Router/BGP), VPC peering, Private Service Connect, Cloud NAT, Cloud Firewall, Cloud Armor, load balancing (L7/L4).
•  Build scalable DNS and IPAM capabilities (DDI) across cloud and hybrid environments; manage Cloud DNS, forwarders, split-horizon, and DNSSEC where applicable.
• • Define and enforce network security controls and segmentation aligned with compliance frameworks and internal policies.
• • Troubleshoot complex network issues using packet capture, flow logs, and observability tooling. DNS as a Service (DNSaaS) 
• • Own design and rollout of DNS as a Service—self-service APIs/portals, role based access, change governance, auditability, and automated validations.
• • Standardize DNS zones, records, naming conventions, and lifecycle management across environments. IP Address Management (IPAM)
• • Implement and manage IPAM across GCP and hybrid networks; maintain authoritative inventory of IP allocations, subnets, and DHCP scopes.
• • Integrate IPAM with provisioning pipelines and ServiceNow for streamlined requests and approvals. Automation & Integrations
• • Develop automation for provisioning, changes, tagging, and governance using Python (and optionally Go) and CI/CD pipelines.
• • Build integrations with ServiceNow (CMDB, Change, Catalog), FinOps platforms, tagging workflows, and reporting.
• • Author and maintain Terraform modules for network patterns; establish standards and reusable templates. Policy as Code & Compliance
• • Implement policy as code using OPA/Conftest or Sentinel; enforce guardrails on Terraform plans and runtime configs.
• • Build compliance controls and continuous validation (CIS benchmarks, least privilege, route/firewall policies, DNS change governance). Cost Optimization (FinOps)
• • Partner with FinOps to drive cost visibility and optimization: resource tagging automation, rightsizing, data egress analysis, load balancer/caching strategies, and vanity/private endpoints.
• • Integrate with FinOps tooling (e.g., Apptio, Turbonomic) to analyze utilization and automate recommendations. 
•  Establish SLOs for network services (DNS, routing, LB, NAT); build dashboards, alerts, and runbooks.
• Participate in on-call rotation and continuous improvement via post-incident reviews. 

͏

͏

͏

͏