Staff Engineer - Cloud Infrastructure & Security

About HighLevel:
HighLevel is an AI-powered business operating system that gives agencies, entrepreneurs and SMBs the infrastructure to build, automate and scale. Today, HighLevel supports SMBs across 150+ countries, fueling community-driven growth rooted in real customer outcomes.To date, businesses operating on HighLevel have generated over $7 billion in ecosystem value, demonstrating the impact of shared infrastructure at scale. By centralizing conversations, automation and intelligence into one system, we help businesses move faster, reduce complexity and execute efficiently.Behind the platform, HighLevel powers more than 4 billion API hits and 2.5 billion message events daily.

With 250 terabytes of distributed data, 250+ microservices and over 1 million domain names supported, our architecture is built for performance, resilience and long-term scalability.

Our PeopleWith over 2,000 team members across 10+ countries, HighLevel operates as a global, remote-first organization built for speed and ownership. We value initiative, clarity and execution, creating space for ambitious people to build systems that support millions of businesses worldwide. Here, innovation thrives, ideas are celebrated and people come first, no matter where they call home.

Our ImpactEvery month, HighLevel enables more than 1.5 billion messages, 200 million leads and 20 million conversations for the more than 1 million businesses we support. Behind those numbers are real people building independence, expanding opportunity and creating measurable impact. We’re proud to be a part of that.Learn more about us on our YouTube Channel or Blog Posts
n

About the Role:We are seeking a Staff Engineer - Cloud Infrastructure & Security to act as a technical architect and leader across HighLevel’s cloud platform.

This role is a senior individual contributor position responsible for designing and evolving secure, scalable, and resilient infrastructure on GCP, with deep ownership across Kubernetes, networking, IAM, and edge security (Cloudflare).

You will work closely with Platform Engineering, SRE, and Cyber Security teams to ensure infrastructure is secure by design, highly available, and aligned with modern best practices, while enabling teams to move fast safely.

Responsibilities:Cloud Infrastructure Architecture (GCP):

Design and evolve GCP-based infrastructure architecture for scalability, resilience, and security.

Define standards for:

Project and environment structure

Multi-region deployments

High availability and failover strategies

Lead architectural reviews for high-impact infrastructure changes.

Ensure infrastructure supports high-scale, multi-tenant SaaS workloads.

Kubernetes Platform (GKE):

Architect and optimize Kubernetes (GKE) platforms for production workloads.

Define and enforce:

Cluster architecture and node pool strategies

Workload isolation and scheduling policies

Upgrade and lifecycle management strategies

Improve reliability, scalability, and operational efficiency of Kubernetes environments.

Networking & Edge (Cloudflare):

Design and manage secure and scalable cloud networking:

VPCs, subnets, routing, and firewalls

Load balancing and traffic routing

Own integration with Cloudflare, including:

CDN configuration

WAF rules and DDoS protection

Edge security and traffic management

Ensure low-latency, resilient, and secure traffic flows.

Identity & Access Management (IAM):

Design and enforce least-privilege IAM architecture across GCP and platform systems.

Define standards for:

Service accounts and roles

Access control policies

Just-in-time access and auditing

Partner with Cyber Security to continuously improve access posture and reduce risk.

Cloud Security & Platform Hardening:

Build and enforce secure-by-default infrastructure patterns.

Partner closely with Cyber Security teams to:

Identify and remediate vulnerabilities

Implement security controls and guardrails

Support threat modeling and risk assessments

Secure Kubernetes workloads, networking layers, and cloud services.

Infrastructure as Code & Automation:

Drive adoption and quality of Infrastructure as Code (IaC) using tools like Terraform.

Build reusable infrastructure modules and automation frameworks.

Ensure infrastructure changes are Auditable, Repeatable & Safe

Reduce manual operational work through automation.

Reliability, DR & Operational Readiness:

Design and improve disaster recovery (DR) and failover strategies.

Define and validate RTO / RPO objectives.

Partner with SRE teams to improve Incident response, System resilience & Operational readiness

Participate in postmortems and drive systemic improvements.

Performance & Cost Optimization:

Identify infrastructure inefficiencies and performance bottlenecks.

Partner with FinOps and Cloud teams to:

Optimize resource utilization

Improve cost visibility and predictability

Balance performance, reliability, and cost in architectural decisions.

Technical Leadership & Mentorship:

Act as a technical leader across Cloud Infrastructure and Security domains.

Mentor SDE2, SDE3, and Lead engineers.

Drive design reviews, architecture discussions, and best practices.

Influence teams across the organization without direct authority.

Cross-Functional Collaboration:

Work closely with:

Platform Engineering (CI/CD, DevEx)

SRE & InfraOps (operations and reliability)

Cyber Security teams (security and compliance)

Communicate complex technical concepts clearly to stakeholders and leadership.

Requirements:

Bachelor’s degree or equivalent experience in Engineering or related field

9+ years of experience in cloud infrastructure, platform engineering, or security

Deep hands-on experience with:

GCP (preferred) or other cloud platforms

Kubernetes (GKE) in production environments

Cloud networking and distributed systems

Strong experience with:

Cloudflare (CDN, WAF, edge security)

IAM and access control systems

Proven experience designing secure, highly available systems at scale

Strong problem-solving and system design skills

Excellent communication and leadership abilities

Nice to Have:
Experience in high-growth SaaS environments

Familiarity with service mesh (Istio or similar)

Experience with policy-as-code (OPA, Kyverno)

Experience in compliance-driven environments

Scripting or programming experience (Go, Python, Bash)

nEEO Statement:
The company is an Equal Opportunity Employer. As an employer subject to affirmative action regulations, we invite you to voluntarily provide the following demographic information. This information is used solely for compliance with government record-keeping, reporting, and other legal requirements. Providing this information is voluntary and refusal to do so will not affect your application status. This data will be kept separate from your application and will not be used in the hiring decision.