Location: Corsham, UK (Onsite, 5 days per week)
Clearance: This role requires all candidates to have an active DV clearance.
Join Europe's leading, high-growth Google Cloud consultancy. At Qodea, you'll be part of a team energised by innovation and passionate about delivering exceptional results. We craft cutting-edge solutions in data and analytics, AI, cloud infrastructure and security, driving digital transformation that empowers our customers to scale, modernise and lead in their industries. We're driven by ideas and powered by our people. This role sits within our sister consultancy, tmc3.
About the role
As a Lead GCP Security Consultant, you will be responsible for designing and advising on secure cloud architectures within Google Cloud Platform (GCP), ensuring compliance with UK and international standards. You will work with clients across sectors to assess risks, implement robust security controls, and guide secure cloud adoption strategies. This role requires a strong understanding of cloud-native security, regulatory frameworks, and the ability to translate technical risks into business impact.
What You'll Do:
* Design and implement secure GCP architectures, incorporating identity, access management, encryption, and network security.
* Conduct cloud security assessments and gap analyses for UK-based organisations.
* Advise on compliance with UK regulations (e.g. GDPR, NCSC Cloud Security Principles, ISO
* Develop and enforce cloud security policies, procedures, and governance models.
* Lead threat modelling, risk assessments, and vulnerability management initiatives.
* Configure and manage GCP security tools such as Google SecOps tooling, Security Command Center, Cloud Armor, and VPC Service Controls.
* Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines.
* Support incident response planning and cloud-specific disaster recovery strategies.
* Stay up to date with GCP security features, UK regulatory changes, and emerging threats.
Requirements
Essential Skills & Experience:
* Experience in cloud security, with time spent focused on GCP.
* Strong knowledge of:
* GCP security services (IAM, Cloud KMS, VPC Service Controls, etc.)
* UK data protection and compliance frameworks (GDPR, ICO guidance)
* Identity federation, SSO, and role-based access control
* Network segmentation and firewall configuration in GCP
* Logging, monitoring, and SIEM integration (e.g. Splunk, Chronicle)
* Experience with Infrastructure as Code (Terraform, Deployment Manager).
Desirable:
* Google Cloud Professional Cloud Security Engineer certification.
* Experience with UK public sector or regulated industries (e.g. finance, healthcare).
* Familiarity with container security (GKE, Kubernetes RBAC, image scanning).
* Proficiency in scripting (Python, Bash) for automation and tooling.
* Experience with incident response in cloud-native environments.
* Previous consultancy experience within UK public sector organisations.
* Experience working with the Ministry of Defence (MOD) is highly desirable.
Soft Skills:
* Strong communication skills with the ability to engage both technical and non-technical
* stakeholders.
* Consulting mindset with a focus on client outcomes and risk mitigation.
* Ability to work independently and collaboratively in fast-paced environments.
* Strategic thinking and a proactive approach to problem-solving.
How You'll Grow:
* Clear career progression opportunities within our career framework
* Cross-skilling and internal mobility across business areas
* Access to dedicated training, certifications, and professional memberships
Benefits
Financial:
* Competitive base salary.
* Matching pension scheme (up to 5%) from day one.
* Discretionary company bonus scheme.
* 4 x annual salary Death in Service coverage from day one.
* Employee referral scheme.
Health and Wellbeing:
* Private medical insurance from day one.
* app: access to remote GPs, second opinions, mental health support, and physiotherapy.
* EAP service
* Cycle to Work scheme.
Time Off and Flexibility:
* 36 days annual leave (inclusive of bank holidays).
* An extra paid day off for your birthday.
* Ten paid learning days per year.
* Flexible working hours.
* Market-leading parental leave.
* Sabbatical leave (after five years).
* Work from anywhere (up to 3 weeks per year).
Development and Recognition:
* Industry-recognised training and certifications.
* Bonusly employee recognition and rewards platform.
* Clear opportunities for career development.
* Length of Service Awards
Extra Perks:
* Regular company events.
* Tech Scheme.
Diversity and Inclusion Statement
At Qodea, we champion diversity and inclusion. We believe that a career in IT should be open to everyone, regardless of race, ethnicity, gender, age, sexual orientation, disability or neurotype. We value the unique talents and perspectives that each individual brings to our team, and we strive to create a fair and accessible hiring process for all. If you feel we can improve in any way, please reach out to our careers team via email at or connect with us on LinkedIn via our Qodea Company Page.