GCP Cloud Security Architect

Cloud Security Engineer (GDC / IAM / Encryption) – Contract

Rate: £600 day Outside IR35
Location: London – hybrid (2 days onsite)
Duration: 12 months
Clearance: SC eligible (5+ years UK residency), willingness for DV

Overview
Join a high-impact programme delivering secure, large-scale cloud infrastructure within a UK government environment. You’ll help design and secure a private/distributed cloud platform supporting critical national services.

Key Responsibilities

• Design & implement secure workloads in Google Distributed Cloud (GDC) / GCP (GDC experience not necessarily needed but would be strongly desired)
• Build and manage IAM architectures (SSO, MFA, privileged access lifecycle)
• Enforce least privilege via resource hierarchies, policies, and constraints
• Configure network security controls (firewalls, WAF, service perimeters)
• Deliver data protection & encryption (KMS, CMEK/EKM, sensitive data handling)
• Secure CI/CD pipelines with vulnerability scanning and policy enforcement

Requirements

• Strong experience in cloud security engineering (GCP preferred; other CSPs considered)
• Proven IAM, network security, and compliance implementation
• Experience securing workloads in restricted / air-gapped / high-assurance environments
• Ability to translate cloud-native security practices to distributed/edge platforms

Desirable

• GCP Professional Cloud Security Engineer certification
• Experience in UK Gov secure environments (SC/DV, SECRET+)
• Familiarity with GDS standards or public sector delivery

Please note this role will require you to undergo DV clearance.

If you currently hold ACTIVE SC clearance and match the above requirements please reach out