Senior Software Engineer, Cloud Platform

About the Team

We are the Cloud Platform Engineering team, responsible for the infrastructure systems that give the entire organization visibility and control over its cloud resources. We build two critical platforms:

• Cloud Cost Management Platform — a billing and cost attribution system that tracks GCP spend across all departments, enables cross-department chargeback, and provides the data foundation for cost optimization across $30M+ in annual cloud spend.
• Security & Access Platform — a zero-trust access control system covering Just-In-Time (JIT) access, Attribute-Based Access Control (ABAC), and self-service credential management for all production GCP environments and CI/CD pipelines.

Our work directly impacts engineering productivity, cost governance, and the security posture of the entire company.

What You'll Build

Cost & Billing Platform

• Design and build a multi-level billing and cost attribution pipeline that ingests raw GCP billing data and distributes costs across business units, departments, and feature teams
• Build the billing dashboard — a self-serve cost reporting system used by all department leads across the organization
• Develop anomaly detection and alerting for abnormal cloud usage patterns
• Build cost optimization recommendation systems based on utilization signals across GCP resources
• Implement automated resource rightsizing and waste reduction tooling

Security & Access Platform

• Implement and roll out a Just-In-Time (JIT) access request system to replace standing IAM privileges
• Build a self-service credential management system

What We're Looking For

Must-Have

• 5+ years of software engineering experience, with at least 2 years building platform or infrastructure tooling
• Strong backend engineering skills — Go, Python, or Java
• Hands-on experience with GCP or AWS
• Experience designing and building data pipelines or backend services that process and aggregate large datasets
• Solid understanding of cloud security principles: IAM, RBAC/ABAC, least-privilege access, secrets management
• Comfortable owning a project end-to-end: design → implementation → rollout → monitoring

Nice to Have

• Experience building cost management, FinOps, or billing systems
• Experience with access control systems (JIT, PAM, ABAC/RBAC frameworks)
• Familiarity with HashiCorp Vault or similar secrets management platforms
• GitLab CI/CD administration experience, including runner security
• Experience with Kubernetes resource management, autoscaling, or rightsizing tooling (e.g. ScaleOps, VPA)
• Prior work in a platform engineering or DevOps/SRE team