Overview

We are seeking a Lead Cloud Engineer to join our team.

In this position, you will be responsible for designing and securing cloud infrastructure in large-scale, complex enterprise environments. You will work closely with multidisciplinary teams to deliver secure, compliant, and forward-thinking cloud solutions that align with organizational goals.

Responsibilities

  • Architect and design secure cloud infrastructure tailored to business requirements
  • Develop and enforce cloud security policies and services, ensuring alignment with industry standards and compliance needs
  • Perform security threat assessments and implement mitigation strategies to safeguard cloud assets
  • Establish and uphold security strategies and governance protocols across cloud platforms
  • Partner with SOC and SecOps teams to maintain regulatory compliance and prepare for audits
  • Oversee Identity and Access Management (IAM), including structuring resource hierarchies, boundary protections, and secure communications
  • Plan and deploy network security measures such as firewalls, VPCs, and perimeter defenses
  • Apply observability solutions for comprehensive logging, monitoring, and threat detection in cloud environments
  • Utilize AI agents to automate and optimize security and infrastructure deployment processes
  • Lead security-driven digital transformation initiatives using Infrastructure as Code (IaC) and manage secure containerized workloads

Requirements

  • Minimum of 5 years of hands-on experience in cloud engineering or a related discipline
  • At least one year of experience leading and managing technical teams
  • Demonstrated expertise in architecting and implementing secure cloud policies and services, preferably on Google Cloud Platform (GCP)
  • Strong background in security threat analysis and mitigation, with practical experience using SIEM tools like Google SecOps (Chronicle), WiZ, or similar platforms
  • Proven ability to define, design, and implement comprehensive security strategies and governance frameworks
  • Experience enforcing regulatory controls and working with SOC or SecOps teams to achieve compliance objectives
  • Advanced proficiency in Identity and Access Management (IAM), including resource hierarchy planning, boundary protection, secure communications, and Workload Identity Federation (WIF)
  • Skilled in designing and deploying network security solutions such as Cloud Firewall, Cloud Armor, and VPC, as well as ensuring robust data protection and observability for threat management
  • Experience using AI agents to automate, streamline, and reduce risk in security and infrastructure deployments
  • Expertise in establishing secure Landing Zones, Data and AI Foundations, and setting up secure communication perimeters for users, agents, and services
  • Proficient in Infrastructure as Code (e.g., Terraform) for compliance-focused deployments, managing secure workloads with Google Kubernetes Engine (GKE), and securing CI/CD and DevSecOps pipelines
  • English language proficiency (written and spoken) at B2+ level or higher

[GTS] Benefits (generic, except India)

  • International projects with top brands
  • Work with global teams of highly skilled, diverse peers
  • Healthcare benefits
  • Employee financial programs
  • Paid time off and sick leave
  • Upskilling, reskilling and certification courses
  • Unlimited access to the LinkedIn Learning library and 22,000+ courses
  • Global career opportunities
  • Volunteer and community involvement opportunities
  • EPAM Employee Groups
  • Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn