Job Title: Senior GCP Security Architect Rate: £575 per day (Outside IR35) Location: Hybrid working (90% remote, with occasional travel to Central London) Employer: Renowned NHS Organisation Job Description: We are seeking a highly skilled Senior GCP Security Architect to join a renowned NHS organisation and play a pivotal role in enhancing the security and scalability of their Google Cloud Platform (GCP) ecosystem. This is a unique opportunity to design and implement cutting-edge cloud security solutions, with a focus on Identity and Access Management (IAM) and Single Sign-On (SSO), to support the secure migration of data and applications from on-premises data centres to GCP. As a Senior GCP Security Architect, you will be responsible for architecting a secure, compliant, and scalable GCP landing zone, embedding security best practices into every stage of the cloud adoption lifecycle. This role requires deep technical expertise in GCP security frameworks, hands-on experience with IAM and SSO integration, and a proven track record of delivering secure cloud solutions in complex environments. Key Responsibilities: Landing Zone Design: Architect and implement a secure, scalable, and compliant GCP landing zone. Define and enforce organisational resource hierarchy (organisations, folders, projects) in alignment with governance policies. Develop guardrails and blueprints using GCP Organisation Policies, Cloud IAM, and Infrastructure as Code (Terraform or Deployment Manager). Security Architecture: Design and implement security best practices for the GCP ecosystem, including: Identity and Access Management (IAM) policies. Secure network design with VPCs, subnets, private service endpoints, and firewall rules. Encryption strategies for data at rest and in transit using GCP Cloud KMS. Secure API gateways and workload identity federation. Implement Identity-Aware Proxy (IAP) for securing application access. Data Migration and Security: Develop security protocols for migrating data and applications from on-premises and other clouds to GCP. Implement data protection mechanisms such as DLP (Data Loss Prevention) and data classification. Ensure sensitive workloads comply with data residency and encryption requirements. Monitoring, Logging, and Incident Response: Configure Security Command Center, Cloud Monitoring, and Cloud Logging for real-time security insights. Set up centralized logging and alerting to monitor policy violations and security incidents. Develop and implement incident response playbooks in coordination with security and operations teams. Governance and Compliance: Ensure compliance with relevant regulatory frameworks (e.g., GDPR, HIPAA, PCI-DSS) by designing automated compliance checks. Perform risk assessments, vulnerability scans, and regular audits of the cloud environment. Create a robust governance framework to manage GCP services securely and at scale. Experience Required: Proven experience in designing and implementing secure GCP environments, with expertise in IAM, VPC design, private endpoints, and service perimeters. Strong knowledge of GCP-native security tools such as Cloud Armor, Forseti Security, and DLP API. Proficiency in encryption technologies and data protection mechanisms. Excellent understanding of regulatory compliance requirements (e.g., SOC 2, ISO 27001, NIST). Strong scripting and automation skills (Python, Bash, or PowerShell). Key Skills: Proficiency in GCP networking, IAM, and security frameworks. Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform or Deployment Manager. Familiarity with data migration tools (e.g., Transfer Appliance, BigQuery Data Transfer Service). Strong understanding of DevOps and CI/CD practices. Strategic thinking and the ability to align cloud solutions with business objectives. Excellent communication and collaboration skills to work with diverse stakeholders. Leadership and mentoring capabilities to guide teams through cloud adoption. Qualifications: Google Professional Cloud Architect certification. Certified Information Systems Security Professional (CISSP) or equivalent. This is a fantastic opportunity to work with a prestigious NHS organisation, contributing to the secure and efficient delivery of critical healthcare services. If you are a seasoned GCP Security Architect with a passion for innovation and a commitment to excellence, we would love to hear from you. Apply now to join a team that is making a difference ADZN1_UKTJ