Cloud Security Architect

Cloud Security Architect – Financial Services

Location: UK-Remote

Certification: Google Cloud Professional Architect (Mandatory) and Google Cloud Professional Security Architect.

Key Responsibilities

Architect secure cloud environments for financial services clients leveraging GCP security services and best practices.

Design and implement Zero Trust Architecture, identity and access management strategies, and secure networking models.

Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks.

Perform security assessments and threat modeling for cloud-native applications and hybrid environments.

Collaborate with enterprise architects, risk officers, and compliance teams to ensure governance and audit readiness.

Lead security architecture workshops and technical discussions with CISO-level stakeholders.

Develop reusable blueprints and reference architectures for regulated financial environments.

Required Qualifications

Bachelor's or Master’s degree in Computer Science, Information Security, or a related technical field, or equivalent practical experience.

10+ years of experience in cybersecurity, with at least 3 years focused on cloud security architecture.

5+ years of experience in cloud security engineering, with a strong focus on Google Cloud Platform (GCP).

Extensive experience in the financial services industry including banking, insurance, or capital markets.

Hands-on expertise with GCP security tools (e.g., Identity Aware Proxy, BeyondCorp Enterprise, VPC SC, Cloud Armor).

Proven experience with Zero Trust Architecture and secure design principles for cloud and hybrid systems.

Proven experience with DevSecOps methodologies and integrating security into CI/CD pipelines.

Hands-on experience with GCP security services including IAM, VPC Service Controls, Cloud Armor, KMS, Security Command Center.

Fluency in designing security policies using IAM, KMS, DLP, and SIEM/SOAR tools.

Strong understanding of network security principles (firewalls, VPNs, load balancing, DNS) and their implementation on GCP.

Proficiency in at least one scripting language (e.g., Python, Go, Bash) for automation and security tool development.

Experience with Infrastructure as Code (IaC) tools, particularly Terraform.

Solid understanding of security monitoring, logging, and alerting concepts.

Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10).

Preferred Qualifications

Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs).

Experience with incident response, threat intelligence integration, and advanced detection strategies.

Knowledge of DevSecOps practices and security integration into CI/CD pipelines.

Strong communication and stakeholder engagement skills with experience presenting to C-suite executives.

Experience in defining data classification, governance, and retention policies for financial services.