Cloud Security Engineer (GDC / IAM / Encryption) - Contract Rate: £600 day Outside IR35 Location: London - hybrid (2 days onsite) Duration: 12 months Clearance: SC eligible (5 years UK residency), willingness for DV Overview Join a high-impact programme delivering secure, large-scale cloud infrastructure within a UK government environment. Youll help design and secure a private/distributed cloud platform supporting critical national services. Key Responsibilities Design & implement secure workloads in Google Distributed Cloud (GDC) / GCP (GDC experience not necessarily needed but would be strongly desired) Build and manage IAM architectures (SSO, MFA, privileged access lifecycle) Enforce least privilege via resource hierarchies, policies, and constraints Configure network security controls (firewalls, WAF, service perimeters) Deliver data protection & encryption (KMS, CMEK/EKM, sensitive data handling) Secure CI/CD pipelines with vulnerability scanning and policy enforcement Requirements Strong experience in cloud security engineering (GCP preferred; other CSPs considered) Proven IAM, network security, and compliance implementation Experience securing workloads in restricted / air-gapped / high-assurance environments Ability to translate cloud-native security practices to distributed/edge platforms Desirable GCP Professional Cloud Security Engineer certification Experience in UK Gov secure environments (SC/DV, SECRET) Familiarity with GDS standards or public sector delivery Please note this role will require you to undergo DV clearance. If you currently hold ACTIVE SC clearance and match the above requirements please reach out