← all jobs

[Remote] Principal Cloud Engineer- GCP Platform Technical Lead

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. CVS Health is focused on building a world of health around every individual. They are seeking a Principal Cloud Engineer - GCP Platform Technical Lead to drive the architecture, security, and scalability of their enterprise GCP environment, while mentoring teams and ensuring compliance in a highly regulated setting.

Responsibilities

  • Own the enterprise GCP platform end-to-end, including organization structure, resource hierarchy, billing, networking architecture, IAM tiering, CMEK, VPC Service Controls, and centralized logging
  • Define, build, and maintain the enterprise GCP Landing Zone, including Shared VPC, project factory patterns, Org Policies, and governance guardrails
  • Serve as the final technical authority on GCP architecture and engineering decisions, ensuring scalability, security, reliability, and production readiness
  • Establish and enforce engineering standards across Infrastructure as Code, GitOps workflows, naming conventions, tagging strategies, branching models, and deployment practices using Terraform and Kubernetes Config Connector (KCC)
  • Act as the technical anchor and senior-most individual contributor for the GCP Cloud Engineering and Platform teams
  • Partner closely with enterprise architecture, security, networking, operations, and application teams to translate business and regulatory requirements into scalable platform capabilities
  • Collaborate across technology towers and platform teams (including AI and provisioning platforms) to enable consistent, secure, and efficient cloud adoption
  • Influence cloud strategy across CSPs while driving GCP as the primary enterprise platform of choice
  • Design and engineer enterprise-grade GCP networking, including Shared VPC, NCC hub-and-spoke architectures, VPC Service Controls, Private Service Connect, Cloud NAT, and hybrid connectivity using Cloud Interconnect and HA VPN
  • Architect and operate secure private GKE clusters using Workload Identity, Binary Authorization, Shielded Nodes, Config Sync, and least-privilege IAM patterns
  • Define identity and access strategies leveraging IAM, group-based access, PAM entitlements, Workload Identity Federation, and Entra ID integration
  • Evaluate platform designs for cost efficiency, performance, resilience, and long-term sustainability
  • Build and maintain self-service platform capabilities enabling product teams to deploy safely and independently
  • Integrate observability as a first-class platform feature using Cloud Monitoring, Cloud Logging, Datadog, SLIs/SLOs, alerting policies, and PagerDuty
  • Design and operate CI/CD and automation infrastructure, including self-hosted GitHub Actions runners on GKE using ARC
  • Manage secrets and encryption lifecycle using Secret Manager, CMEK, External Secrets Operator, and automated key rotation
  • Participate in on-call rotation and provide L3 escalation support for platform and infrastructure incidents
  • Drive continuous, automated compliance for regulatory frameworks such as HIPAA, PCI-DSS, SOC 2, and FedRAMP
  • Mentor engineers at all levels, raising the bar for cloud engineering excellence, security, and operational maturity
  • Lead and participate in architecture, design, code, and security reviews for all platform changes
  • Coach engineers on GCP best practices, cloud-native design patterns, and operational excellence
  • Build long-term technical depth and leadership capability within the cloud engineering organization
  • Evaluate and pilot emerging GCP and cloud-native capabilities, including GKE Enterprise, Vertex AI, and AI-assisted DevOps tooling
  • Research modern Kubernetes, networking, and platform engineering patterns to improve scalability, security, and developer experience
  • Explore AI-driven infrastructure operations and automation opportunities
  • Foster a culture of disciplined experimentation with measurable outcomes
  • Own and drive the GCP platform roadmap aligned with enterprise priorities and regulatory requirements
  • Author, maintain, and socialize Architecture Decision Records (ADRs) for major platform decisions
  • Embed FinOps practices into the platform, including cost allocation, budget alerting, committed use discounts, and rightsizing
  • Influence long-term cloud transformation initiatives and ensure platform scalability aligns with business growth and compliance needs

Skills

  • 10+ years of experience in infrastructure or cloud engineering, with 5+ years of deep, hands-on GCP experience at enterprise scale
  • 5+ years experience with proven ownership of a GCP Organization, including resource hierarchy, billing, Org Policy, IAM, and multi-project governance
  • 5+ years of demonstrated technical leadership as a principal engineer or platform owner for a major enterprise cloud initiative
  • 3+ years of experience with cloud implementations best practices and well architected framework
  • 6+ years of deep expertise across GCP services, including: Compute & Containers: GKE (Private, Autopilot & Standard), Cloud Run, Compute Engine, MIGs; Networking: Shared VPC, NCC, VPC Service Controls, Private Service Connect, Cloud Armor, Interconnect, HA VPN; Security & Identity: IAM, Workload Identity, WIF, PAM, Binary Authorization, Security Command Center, Secret Manager, CMEK; Data & Messaging: BigQuery, Pub/Sub, Cloud Storage, Dataflow, Cloud Composer; IaC & Automation: Terraform (modules, remote state, policy-as-code), KCC, Cloud Build, GitOps; Observability: Cloud Operations Suite, Datadog, SLIs/SLOs, PagerDuty
  • 1+ years of experience with implementing Agentic AI, and creating Agents
  • Strong programming and scripting experience in Python and Go; Bash required. PowerShell experience a plus
  • Experience operating and supporting production platforms in regulated environments
  • Google Cloud Professional Cloud Architect and/or Professional DevOps Engineer certification
  • HashiCorp Terraform Associate or Professional certification
  • Experience with Palo Alto VM-Series NGFW and F5 BIG-IP VE in GCP
  • Familiarity with Anthos, GKE Enterprise, and multi-cloud connectivity patterns
  • Experience with Vertex AI, LLM and enterprise MLOps patterns
  • Healthcare or other highly regulated industry experience (HIPAA, SOC 2, PCI-DSS, FedRAMP)
  • Experience with advanced CI/CD runner infrastructure and multi-OS build environments

Benefits

  • This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.
  • This position also includes an award target in the company’s equity award program.
  • This full‑time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well‑being of colleagues and their families.
  • The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility.

Company Overview

  • CVS Health is a health solutions company that provides an integrated healthcare services to its members. It was founded in 1963, and is headquartered in Woonsocket, Rhode Island, USA, with a workforce of 10001+ employees. Its website is https://www.cvshealth.com/.
  • Company H1B Sponsorship

  • CVS Health has a track record of offering H1B sponsorships, with 1 in 2022. Please note that this does not guarantee sponsorship for this specific role.
  • More open positions

    [Remote] Senior Software Development Engineer

    Work from home Full-time role

    [Remote] Senior Software Development Engineer

    Work from home Full-time role

    [Remote] Data Scientist II

    Work from home Full-time role

    [Remote] Staff Machine Learning Engineer - Generative AI & Full-Stack Applications

    Work from home Full-time role

    [Remote] Senior Manager- Platform Engineering/DevOps

    Work from home Full-time role

    Senior Data Architect – Databricks & Lakehouse (m/f/*)

    Work from home Full-time role

    careerzynith Remote Data Entry Specialist – Flexible Full‑Time & Part‑Time Roles with Competitive Compensation

    Work from home Full-time role

    [Hiring] Senior Product Manager, ROI Reporting and Data @Datavant

    Work from home Full-time role

    Experienced Customer Support Representative for careerzynith Shopify App

    Work from home Full-time role

    Sr. Editor, Consent Form Development

    Work from home Full-time role

    Platform Professional Services Sr. Consultant (Remote, ESP)

    Work from home Full-time role

    Experienced Medical Record/Data Entry Clerk/Project Support Associate – Revenue Recovery Department at careerzynith

    Work from home Full-time role

    Data Analyst, Clinical Operations

    Work from home Full-time role

    Telehealth Registered Dietitian job at Dietitian Live in NY

    Work from home Full-time role

    Branch Office Administrator

    Work from home Full-time role

    Project Management Analyst in Mexico and Argentina

    Work from home Full-time role

    Visiting Professor for Artificial Intelligence Online

    Work from home Full-time role

    Voice Actor / Narrator Needed for Dark History YouTube Channel (Long-Term, Documentary Style)

    Work from home Full-time role

    RCM / Collections Specialist / Medical Biller - Remote - Pacific OR Mountain Time Zone

    Work from home Full-time role

    Art Teacher .40 FTE (Online; Grades 9-12; beginning with the

    Work from home Full-time role

    Visual Concept Designer - Senior

    Work from home Full-time role