The Cloud (GCP) Architect is an experienced Google Cloud Security Architect who designs, implements, and manages enterprise-grade security solutions within Google Cloud Platform (GCP). The ideal candidate holds a GCP Professional Certification and has deep expertise in GCP IAM, directory services, integration of two-factor authentication systems such as Ping Identity, and enterprise security architecture, along with hands-on Terraform experience. This role requires building integrated cloud IAM solutions that align with organizational policies and compliance frameworks.
The Cloud (GCP) Architect is responsible for designing, implementing, and managing security solutions within Google Cloud Platform (GCP). The position requires GCP Professional Certification and expertise in areas such as GCP IAM, directory services, integration of two-factor authentication systems like Ping Identity, enterprise security architecture, and experience with Terraform. This role involves building integrated cloud IAM solutions that comply with organizational policies and regulatory frameworks.
Strong expertise in Google Cloud Identity and Access Management (IAM) policies, roles, and permissions.
Develop detailed and complex IAM designs for GCP implemented using Terraform.
Work with the customer to evaluate their needs and ensure correct governance and controls are implemented via IAM.
Integrate Active Directory and other directory services into GCP.
Understanding of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) in cloud environments.
Integrate SAML services into GCP.
Experience designing and implementing secure identity and access governance frameworks in GCP.
In-depth knowledge of resource hierarchy, service accounts, groups, and role-based access control (RBAC).
Ability to define and enforce least privilege access models across multi-project and multi-organization environments.
Familiarity with policy troubleshooting, audit logs, and compliance monitoring using Cloud IAM and Security Command Center.
Hands-on experience integrating IAM with other security services like VPC Service Controls, Cloud Identity, and BeyondCorp.
Experience automating IAM configuration and management using Terraform or other infrastructure as code tools.
Ability to educate and collaborate with stakeholders on cloud security best practices and access management strategies.
Knowledge of regulatory requirements and compliance standards related to cloud identity and access governance.
Design, implement, and manage cloud infrastructure solutions on the GCP platform.
Collaborate with software engineering teams to define infrastructure requirements and design scalable and reliable cloud architectures.
Automate infrastructure provisioning, configuration, and deployment using Infrastructure as Code (IaC) tools such as Terraform.
Implement best practices for cloud security, compliance, and governance, including identity and access management (IAM), organization policy, deny policy, encryption, and network security.
Experience with HashiCorp Vault and GCP Cloud KMS.
Experience with GCP Cloud Identity and the GCDS tool.
Monitor, optimize, and scale cloud infrastructure resources to ensure performance, availability, and cost-efficiency.
Troubleshoot and resolve issues related to cloud infrastructure, including performance bottlenecks, network connectivity, and resource contention.
Develop and maintain documentation, standards, and policies for cloud infrastructure design and operations.
Stay current with cloud technologies, trends, and best practices, and provide recommendations for continuous improvement.