CVS Health Logo

CVS Health

Principal Cloud Engineer- GCP Platform Technical Lead

Posted Yesterday
Be an Early Applicant
In-Office
New York, NY, USA
144K-288K Annually
Expert/Leader
In-Office
New York, NY, USA
144K-288K Annually
Expert/Leader
Lead and own the enterprise GCP platform: design, build, and operate a compliant, secure, production-grade landing zone. Define IaC, networking, identity, observability, and automation standards; mentor engineers; provide L3 support and roadmap leadership while enabling self-service and FinOps.
The summary above was generated by AI

We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time.

Principal Cloud Engineer/ GCP Platform Technical LeadWho are you

You are a cloud-first, hands-on Principal Engineer and the authoritative technical voice for the enterprise Google Cloud Platform (GCP) environment. You bring deep engineering expertise, strong architectural judgment, and a platform-owner mindset to design, build, and operate a secure, scalable, and production-grade GCP landing zone in highly regulated environments.

You are equally comfortable setting technical vision, writing production-grade code, documenting complex decisions through Architecture Decision Records (ADRs), and guiding teams through disciplined execution. You influence engineers and stakeholders through clarity of thought, strong design rationale, and operational rigor.

You believe Infrastructure as Code, security-by-design, automation, and observability are foundational—not optional. You are motivated by building durable, self-service platforms that empower teams to move quickly while maintaining reliability, compliance, and enterprise governance.

Role ResponsibilitiesDevelopment & Enforcement
  • Own the enterprise GCP platform end-to-end, including organization structure, resource hierarchy, billing, networking architecture, IAM tiering, CMEK, VPC Service Controls, and centralized logging.
  • Define, build, and maintain the enterprise GCP Landing Zone, including Shared VPC, project factory patterns, Org Policies, and governance guardrails.
  • Serve as the final technical authority on GCP architecture and engineering decisions, ensuring scalability, security, reliability, and production readiness.
  • Establish and enforce engineering standards across Infrastructure as Code, GitOps workflows, naming conventions, tagging strategies, branching models, and deployment practices using Terraform and Kubernetes Config Connector (KCC).
Collaboration & Expertise
  • Act as the technical anchor and senior-most individual contributor for the GCP Cloud Engineering and Platform teams.
  • Partner closely with enterprise architecture, security, networking, operations, and application teams to translate business and regulatory requirements into scalable platform capabilities.
  • Collaborate across technology towers and platform teams (including AI and provisioning platforms) to enable consistent, secure, and efficient cloud adoption.
  • Influence cloud strategy across CSPs while driving GCP as the primary enterprise platform of choice.
Analysis & Configuration
  • Design and engineer enterprise-grade GCP networking, including Shared VPC, NCC hub-and-spoke architectures, VPC Service Controls, Private Service Connect, Cloud NAT, and hybrid connectivity using Cloud Interconnect and HA VPN.
  • Architect and operate secure private GKE clusters using Workload Identity, Binary Authorization, Shielded Nodes, Config Sync, and least-privilege IAM patterns.
  • Define identity and access strategies leveraging IAM, group-based access, PAM entitlements, Workload Identity Federation, and Entra ID integration.
  • Evaluate platform designs for cost efficiency, performance, resilience, and long-term sustainability.
Operational Support
  • Build and maintain self-service platform capabilities enabling product teams to deploy safely and independently.
  • Integrate observability as a first-class platform feature using Cloud Monitoring, Cloud Logging, Datadog, SLIs/SLOs, alerting policies, and PagerDuty.
  • Design and operate CI/CD and automation infrastructure, including self-hosted GitHub Actions runners on GKE using ARC.
  • Manage secrets and encryption lifecycle using Secret Manager, CMEK, External Secrets Operator, and automated key rotation.
  • Participate in on-call rotation and provide L3 escalation support for platform and infrastructure incidents.
  • Drive continuous, automated compliance for regulatory frameworks such as HIPAA, PCI-DSS, SOC 2, and FedRAMP.
Mentorship & Training
  • Mentor engineers at all levels, raising the bar for cloud engineering excellence, security, and operational maturity.
  • Lead and participate in architecture, design, code, and security reviews for all platform changes.
  • Coach engineers on GCP best practices, cloud-native design patterns, and operational excellence.
  • Build long-term technical depth and leadership capability within the cloud engineering organization.
Innovation and Research
  • Evaluate and pilot emerging GCP and cloud-native capabilities, including GKE Enterprise, Vertex AI, and AI-assisted DevOps tooling.
  • Research modern Kubernetes, networking, and platform engineering patterns to improve scalability, security, and developer experience.
  • Explore AI-driven infrastructure operations and automation opportunities.
  • Foster a culture of disciplined experimentation with measurable outcomes.
Strategic Planning
  • Own and drive the GCP platform roadmap aligned with enterprise priorities and regulatory requirements.
  • Author, maintain, and socialize Architecture Decision Records (ADRs) for major platform decisions.
  • Embed FinOps practices into the platform, including cost allocation, budget alerting, committed use discounts, and rightsizing.
  • Influence long-term cloud transformation initiatives and ensure platform scalability aligns with business growth and compliance needs.
QualificationsBasic Qualifications
  • 10+ years of experience in infrastructure or cloud engineering, with 5+ years of deep, hands-on GCP experience at enterprise scale.
  • 5+ years experience with proven ownership of a GCP Organization, including resource hierarchy, billing, Org Policy, IAM, and multi-project governance.
  • 5+ years of demonstrated technical leadership as a principal engineer or platform owner for a major enterprise cloud initiative.
  • 3+ years of experience with cloud implementations best practices and well architected framework.
  • 6+ years of deep expertise across GCP services, including:
    • Compute & Containers: GKE (Private, Autopilot & Standard), Cloud Run, Compute Engine, MIGs
    • Networking: Shared VPC, NCC, VPC Service Controls, Private Service Connect, Cloud Armor, Interconnect, HA VPN
    • Security & Identity: IAM, Workload Identity, WIF, PAM, Binary Authorization, Security Command Center, Secret Manager, CMEK
    • Data & Messaging: BigQuery, Pub/Sub, Cloud Storage, Dataflow, Cloud Composer
    • IaC & Automation: Terraform (modules, remote state, policy-as-code), KCC, Cloud Build, GitOps
    • Observability: Cloud Operations Suite, Datadog, SLIs/SLOs, PagerDuty
  • 1+ years of experience with implementing Agentic AI, and creating Agents.
Preferred Qualifications
  • Strong programming and scripting experience in Python and Go; Bash required. PowerShell experience a plus.
  • Experience operating and supporting production platforms in regulated environments.
  • Google Cloud Professional Cloud Architect and/or Professional DevOps Engineer certification.
  • HashiCorp Terraform Associate or Professional certification.
  • Experience with Palo Alto VM-Series NGFW and F5 BIG-IP VE in GCP.
  • Familiarity with Anthos, GKE Enterprise, and multi-cloud connectivity patterns.
  • Experience with Vertex AI, LLM and enterprise MLOps patterns.
  • Healthcare or other highly regulated industry experience (HIPAA, SOC 2, PCI-DSS, FedRAMP).
  • Experience with advanced CI/CD runner infrastructure and multi-OS build environments.
Education

Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent experience (High School diploma + 4 years of relevant experience)

Pay Range

The typical pay range for this role is:

$144,200.00 - $288,400.00


This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls.  The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors.  This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above.  This position also includes an award target in the company’s equity award program. 
 

Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.

Great benefits for great people

We take pride in offering a comprehensive and competitive mix of pay and benefits that reflects our commitment to our colleagues and their families.

This full‑time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well‑being of colleagues and their families. The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility.


Additional details about available benefits are provided during the application process and on
Benefits Moments.

We anticipate the application window for this opening will close on: 07/11/2026

Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.

CVS Health Edison, New Jersey, USA Office

Edison, United States

CVS Health Elizabeth, New Jersey, USA Office

Elizabeth, United States

CVS Health Florham Park, New Jersey, USA Office

Florham Park, United States

CVS Health Hoboken, New Jersey, USA Office

Hoboken, United States

CVS Health Jersey City, New Jersey, USA Office

Jersey City, United States

CVS Health Montclair, New Jersey, USA Office

Montclair, United States

CVS Health New Brunswick, New Jersey, USA Office

New Brunswick, United States

CVS Health New Rochelle, New York, USA Office

New Rochelle, United States

CVS Health New York, New York, USA Office

New York, United States

CVS Health New York, New York, USA Office

New York, United States

CVS Health New York, New York, USA Office

New York, United States

CVS Health New York, New York, USA Office

New York, United States

CVS Health Newark, New Jersey, USA Office

Newark, United States

CVS Health North Brunswick, New Jersey, USA Office

North Brunswick, United States

CVS Health Paterson, New Jersey, USA Office

Paterson, United States

CVS Health Teaneck, New Jersey, USA Office

Teaneck, United States

CVS Health Yonkers, New York, USA Office

Yonkers, United States

Similar Jobs

42 Minutes Ago
Remote or Hybrid
United States
Mid level
Mid level
Digital Media • eCommerce • Gaming • Mobile • News + Entertainment
Contract SEO Specialist responsible for editorial SEO and YouTube optimization: keyword research, metadata and playlist optimization, content audits and refreshes, technical SEO support, A/B testing, data pulls from YouTube Analytics/Search Console/Ahrefs, tracking and reporting, and competitive research to grow discoverability and watch-time.
Top Skills: AhrefsClearscopeDatabricksGoogle Search ConsoleMixpanelStoryblokStructured Data/Schema MarkupTableauYoutube Studio
44 Minutes Ago
Hybrid
New York, NY, USA
185K-210K Annually
Senior level
185K-210K Annually
Senior level
Artificial Intelligence • Productivity • Software
Lead strategic partnerships to scale Notion's platform by launching and managing integrations, coordinating partner-centric launches, shaping product roadmap with partner insights, driving co-marketing and distribution strategies, and owning relationships with strategic partners to grow adoption and revenue.
Top Skills: AnthropicAPIsDeveloper ToolsGoogleIsvsOpenaiSlack
An Hour Ago
In-Office
New York City, NY, USA
160K-240K Annually
Mid level
160K-240K Annually
Mid level
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Real Estate
Lead full sales cycle for SMB housing customers: build pipeline, create repeatable playbook, partner with marketing/product/CS/RevOps, forecast in Salesforce, hire/mentor, and influence product via customer feedback.
Top Skills: Salesforce

What you need to know about the NYC Tech Scene

As the undisputed financial capital of the world, New York City is an epicenter of startup funding activity. The city has a thriving fintech scene and is a major player in verticals ranging from AI to biotech, cybersecurity and digital media. It also has universities like NYU, Columbia and Cornell Tech attracting students and researchers from across the globe, providing the ecosystem with a constant influx of world-class talent. And its East Coast location and three international airports make it a perfect spot for European companies establishing a foothold in the United States.

Key Facts About NYC Tech

  • Number of Tech Workers: 549,200; 6% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Capgemini, Bloomberg, IBM, Spotify
  • Key Industries: Artificial intelligence, Fintech
  • Funding Landscape: $25.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Greycroft, Thrive Capital, Union Square Ventures, FirstMark Capital, Tiger Global Management, Tribeca Venture Partners, Insight Partners, Two Sigma Ventures
  • Research Centers and Universities: Columbia University, New York University, Fordham University, CUNY, AI Now Institute, Flatiron Institute, C.N. Yang Institute for Theoretical Physics, NASA Space Radiation Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account