CareerZen Logo
Company logo

Sr Controls and Automation Engineer

Concert Consulting

Full-time

Denver, CO

Job description

Job Summary
Qualex Consulting Services, Inc. seasoned Senior Cloud DevOps Engineer / Consultant to lead innovative infrastructure, security, and delivery solutions for our Global Pricing Analysis operations at a Fortune 500 retail company. This senior role demands advanced cloud security knowledge, high-level architecture thinking, and cross-team leadership to ensure secure, scalable, and compliant DevOps environments in the Google Cloud Platform (GCP).

Responsibilities

Strategic Cloud Architecture

  • Define and lead secure GCP infrastructure architectures aligned with global pricing analysis objectives.
  • Drive adoption of Dataproc, BigQuery, GKE, and Cloud Storage services with emphasis on encryption, access control, and network segmentation.
  • Partner with Security and Compliance teams to design Zero Trust and least-privilege cloud environments.

Advanced Automation & IaC Leadership

  • Architect complex Terraform-based infrastructure incorporating policy as code and security baselines.
  • Implement secure CI/CD pipelines and container orchestration using Kubernetes (GKE) with private clusters, workload identity, and secrets management.
  • Enforce automated security scanning, configuration drift detection, and infrastructure compliance reporting.

Enterprise CI/CD & DevSecOps

  • Design and govern enterprise-grade CI/CD frameworks integrating DevSecOps controls—SAST, DAST, IaC scanning, and artifact integrity validation.
  • Define secure build and deploy pipelines using Jenkins, GitHub Actions, or Cloud Build.
  • Develop rollback, audit, and compliance strategies to align with corporate and regulatory standards.

Reliability Engineering & Monitoring Strategy

  • Architect observability and threat detection frameworks using Cloud Monitoring, Prometheus, Grafana, and Chronicle Security Operations.
  • Implement real-time alerting, audit logging, and compliance dashboards for SOC visibility.
  • Lead incident response, root cause analysis, and security postmortems for resilience improvements.

Cloud Security & Governance

  • Design and manage Identity and Access Management (IAM), Service Accounts, and RBAC with least-privilege access.
  • Implement VPC Service Controls, Cloud Armor, and Secret Manager for perimeter and data protection.
  • Define and enforce encryption-at-rest, in-transit, and key management (KMS) standards.
  • Collaborate with global security teams on threat modelling, compliance audits (SOC2, ISO 27001, PCI DSS), and risk mitigation strategies.

Mentorship & Collaboration

  • Lead and mentor DevOps and Security Engineers, fostering a security-first mindset.
  • Act as liaison between IT, Security, Data Engineering, and Business teams to balance velocity and governance.
  • Present architecture and risk posture updates to senior executives and technical committees.

Soft Skills

  • Leadership and cross-functional influence.
  • Strong communication for executive and technical audiences.
  • Strategic decision-making under uncertainty.
  • Passion for security automation and continuous improvement.
  • Coaching and mentoring mindset.

Qualifications

  • Bachelor’s or Master’s in Computer Science, Engineering, or Information Security.
  • 6+ years of progressive DevOps and Cloud Security experience (preferably with GCP).
  • Expertise in:
  • Terraform, Kubernetes (GKE), BigQuery, Dataproc
  • IAM, KMS, VPC Service Controls, Cloud Armor
  • CI/CD, GitOps, Policy as Code, and Secrets Management
  • Python, Go, or Bash scripting for automation and remediation
  • Strong understanding of security frameworks (NIST CSF, CIS Benchmarks, SOC2, ISO 27001).

Preferred Certifications

  • Google Professional Cloud DevOps Engineer
  • Google Professional Cloud Security Engineer (strongly preferred)
  • Google Professional Data Engineer
  • Certified Kubernetes Administrator (CKA)
  • HashiCorp Certified: Terraform Associate
  • (Optional) CISSP or CCSP – Cloud Security specialization

Experience

  • Led DevOps and Cloud Security strategy for large-scale data platforms using Dataproc and GCP.
  • Implemented DevSecOps frameworks integrating compliance and threat detection.
  • Experience with multi-region IAM design, encryption management, and audit readiness in global retail analytics environments.

Job Type: Full-time

Pay: $115,000.00 - $135,000.00 per year

Benefits:

  • 401(k)
  • Dental insurance
  • Health insurance
  • Life insurance
  • Paid time off
  • Professional development assistance
  • Vision insurance

Security clearance:

  • Confidential (Preferred)

Work Location: Hybrid remote in Bay Harbor Islands, FL 33154

Apply