Cloud Security Engineer (GCP / IAM / Encryption) - Contract
Rate: £600 day Outside IR35
Location: London - hybrid (3 days onsite) - Non negotable
Duration: 12 month
Clearance: Active SC, willingness for DV
Overview
Join a high-impact programme delivering secure, large-scale cloud infrastructure within a UK government environment. You'll help design and secure a private/distributed cloud platform supporting critical national services.
Key Responsibilities
* Design & implement secure workloads in Google Distributed Cloud (GDC) / GCP (GDC experience not necessarily needed but would be strongly desired)
* Build and manage IAM architectures (SSO, MFA, privileged access lifecycle)
* Enforce least privilege via resource hierarchies, policies, and constraints
* Configure network security controls (firewalls, WAF, service perimeters)
* Deliver data protection & encryption (KMS, CMEK/EKM, sensitive data handling)
* Secure CI/CD pipelines with vulnerability scanning and policy enforcement
Requirements
1. Strong experience in cloud security engineering (GCP preferred; other CSPs considered)
2. Proven IAM, network security, and compliance implementation
3. Experience securing workloads in restricted / air-gapped / high-assurance environment...