Devops Lead

We are looking for an experienced Infrastructure Engineer with deep Google Cloud Platform (GCP) networking expertise to design, build, automate, and operate cloud networking services at scale. The role includes DNS as a Service offering, IP Address Management (IPAM), integrations with ServiceNow, FinOps automation (including tagging), Terraform-based infrastructure as code, and policy as code for compliance. You’ll partner with Operations, Security, FinOps, and Platform Engineering to deliver reliable, compliant, and cost-optimized cloud networking services.

Location: London

Mandatory Skills: Jenkins.

Key Responsibilities:

• Network Design & Operations (GCP): Design, implement, and operate GCP networking: VPCs, subnets, routing (Cloud Router/BGP), VPC peering, Private Service Connect, Cloud NAT, Cloud Firewall, Cloud Armor, load balancing (L7/L4).
• Build scalable DNS and IPAM capabilities (DDI) across cloud and hybrid environments; manage Cloud DNS, forwarders, split-horizon, and DNSSEC where applicable.
• Define and enforce network security controls and segmentation aligned with compliance frameworks and internal policies.
• Troubleshoot complex network issues using packet capture, flow logs, and observability tooling.
• Own design and rollout of DNS as a Service—self-service APIs/portals, role-based access, change governance, auditability, and automated validations.
• Standardize DNS zones, records, naming conventions, and lifecycle management across environments.
• Implement and manage IPAM across GCP and hybrid networks; maintain authoritative inventory of IP allocations, subnets, and DHCP scopes.
• Integrate IPAM with provisioning pipelines and ServiceNow for streamlined requests and approvals.
• Develop automation for provisioning, changes, tagging, and governance using Python (and optionally Go) and CI/CD pipelines.
• Build integrations with ServiceNow (CMDB, Change, Catalog), FinOps platforms, tagging workflows, and reporting.
• Author and maintain Terraform modules for network patterns; establish standards and reusable templates.
• Implement policy as code using OPA/Conftest or Sentinel; enforce guardrails on Terraform plans and runtime configs.
• Build compliance controls and continuous validation (CIS benchmarks, least privilege, route/firewall policies, DNS change governance).
• Partner with FinOps to drive cost visibility and optimization: resource tagging automation, rightsizing, data egress analysis, load balancer/caching strategies, and vanity/private endpoints.
• Integrate with FinOps tooling (e.g., Apptio, Turbonomic) to analyze utilization and automate recommendations.
• Establish SLOs for network services (DNS, routing, LB, NAT); build dashboards, alerts, and runbooks.
• Participate in on-call rotation and continuous improvement via post-incident reviews.

Required Qualifications:

• 5–10+ years in infrastructure/network engineering with 3+ years focused on GCP networking.
• Strong hands-on with: GCP VPC, subnets, Cloud Router/BGP, VPC peering, Private Service Connect, Cloud NAT, Cloud Firewall, Cloud Armor, global/regional load balancers, Cloud DNS.
• DNS/IPAM/DDI concepts: authoritative/recursive DNS, split-horizon, DNSSEC, record types (A/AAAA/CNAME/TXT/SRV), DHCP lease management.
• Automation & IaC: Terraform (authoring modules, state management, workspaces), Python scripting, CI/CD (GitHub Actions/GitLab CI/Azure DevOps).
• Policy as Code: OPA/Conftest or HashiCorp Sentinel; pre-commit hooks and plan enforcement.
• ServiceNow integrations: Catalog/Change/CMDB; API-based workflows for provisioning and approvals.
• Solid understanding of network security (firewalls, segmentation, WAF/CDN, identity-aware proxies, TLS, certificates).
• Experience with observability (logs/metrics/traces), flow logs, packet capture tools, and performance tuning.
• Strong documentation, stakeholder communication, and operational discipline (runbooks, change governance).

Nice to Have:

• Experience with Apptio, Turbonomic for cost and performance optimization.
• Hands-on with DDI platforms (e.g., Infoblox, BlueCat), PKI/cert management.
• Kubernetes networking (CNI, Ingress, Service Mesh, NetworkPolicies).
• Multi-cloud exposure (AWS/Azure) and hybrid connectivity (VPN, Direct Peering/Interconnect).
• GCP Professional Cloud Network Engineer certification; Terraform Associate.
• Experience with RESTful API design, event-driven automation, and GitOps practice.

Provide customer support/service on the DevOps tools. Timely support internal & external customers escalations on multiple platforms. Troubleshoot the various problems that arise in implementation of DevOps tools across the project/module. Perform root cause analysis of major incidents/critical issues which may hamper project timeliness, quality or cost. Develop alternate plans/solutions to be implemented as per root cause analysis of critical problems.