Senior GCP Security Architect in Barnet

Job Title:Senior GCP Security Architect
Rate:£575 per day (Outside IR35)
Location:Hybrid working (90% remote, with occasional travel to Central London)
Employer:Renowned NHS Organisation
Job Description:
We are seeking a highly skilledSenior GCP Security Architectto join a renowned NHS organisation and play a pivotal role in enhancing the security and scalability of their Google Cloud Platform (GCP) ecosystem. This is a unique opportunity to design and implement cutting-edge cloud security solutions, with a focus on Identity and Access Management (IAM) and Single Sign-On (SSO), to support the secure migration of data and applications from on-premises data centres to GCP.
As a Senior GCP Security Architect, you will be responsible for architecting a secure, compliant, and scalable GCP landing zone, embedding security best practices into every stage of the cloud adoption lifecycle. This role requires deep technical expertise in GCP security frameworks, hands-on experience with IAM and SSO integration, and a proven track record of delivering secure cloud solutions in complex environments.
Key Responsibilities:

1. Landing Zone Design:
   • Architect and implement a secure, scalable, and compliant GCP landing zone.
   • Define and enforce organisational resource hierarchy (organisations, folders, projects) in alignment with governance policies.
   • Develop guardrails and blueprints using GCP Organisation Policies, Cloud IAM, and Infrastructure as Code (Terraform or Deployment Manager).
2. Security Architecture:
   • Design and implement security best practices for the GCP ecosystem, including:
     • Identity and Access Management (IAM) policies.
     • Secure network design with VPCs, subnets, private service endpoints, and firewall rules.
     • Encryption strategies for data at rest and in transit using GCP Cloud KMS.
     • Secure API gateways and workload identity federation.
     • Implement Identity-Aware Proxy (IAP) for securing application access.
3. Data Migration and Security:
   • Develop security protocols for migrating data and applications from on-premises and other clouds to GCP.
   • Implement data protection mechanisms such as DLP (Data Loss Prevention) and data classification.
   • Ensure sensitive workloads comply with data residency and encryption requirements.
4. Monitoring, Logging, and Incident Response:
   • Configure Security Command Center, Cloud Monitoring, and Cloud Logging for real-time security insights.
   • Set up centralized logging and alerting to monitor policy violations and security incidents.
   • Develop and implement incident response playbooks in coordination with security and operations teams.
5. Governance and Compliance:
   • Ensure compliance with relevant regulatory frameworks (e.g., GDPR, HIPAA, PCI-DSS) by designing automated compliance checks.
   • Perform risk assessments, vulnerability scans, and regular audits of the cloud environment.
   • Create a robust governance framework to manage GCP services securely and at scale.

Experience Required:

• Proven experience in designing and implementing secure GCP environments, with expertise in IAM, VPC design, private endpoints, and service perimeters.
• Strong knowledge of GCP-native security tools such as Cloud Armor, Forseti Security, and DLP API.
• Proficiency in encryption technologies and data protection mechanisms.
• Excellent understanding of regulatory compliance requirements (e.g., SOC 2, ISO 27001, NIST).
• Strong scripting and automation skills (Python, Bash, or PowerShell).

Key Skills:

• Proficiency in GCP networking, IAM, and security frameworks.
• Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform or Deployment Manager.
• Familiarity with data migration tools (e.g., Transfer Appliance, BigQuery Data Transfer Service).
• Strong understanding of DevOps and CI/CD practices.
• Strategic thinking and the ability to align cloud solutions with business objectives.
• Excellent communication and collaboration skills to work with diverse stakeholders.
• Leadership and mentoring capabilities to guide teams through cloud adoption.

Qualifications:

• Google Professional Cloud Architect certification.
• Certified Information Systems Security Professional (CISSP) or equivalent.

This is a fantastic opportunity to work with a prestigious NHS organisation, contributing to the secure and efficient delivery of critical healthcare services. If you are a seasoned GCP Security Architect with a passion for innovation and a commitment to excellence, we would love to hear from you.
Apply now to join a team that is making a difference!