GCP Cloud Architect

Apex Systems, North Palm Beach, FL, United States


Lead Security Architect Google Cloud Platform (GCP)

We are seeking a Lead Security Architect GCP to serve as the enterprise's primary authority on secure cloud architecture for Google Cloud Platform. This is a high-impact, design-driven position responsible for defining the organization's secure GCP foundation, establishing enterprise guardrails, and creating security blueprints that will shape long-term cloud adoption. This role is architecture-focused (HLD + LLD), not a hands-on engineering position. You will guide secure-by-default cloud design, lead the architecture for Gemini AI adoption, and mentor internal teams as they build GCP proficiency.

Key Responsibilities

Serve as the lead design authority for all secure GCP architecture decisions and patterns. Partner with cloud, networking, and security teams to guide secure deployment strategies across the enterprise. Author, maintain, and govern Secure Design Blueprints for all GCP services. Translate enterprise security requirements into actionable HLD/LLD documentation. Act as the lead architect for secure Gemini AI deployment. Design data isolation models, identity boundaries, and VPC Service Controls (VPC-SC) to support safe AI adoption. Define and implement organization-level policies, including Org Policy Constraints, IAM hierarchy design, and enterprise segmentation strategies. Establish secure landing zones and guardrail frameworks before scaling workloads. Analyze systemic CSPM findings and update SDBs to address architectural weaknesses. Provide strategic guidance, not daily monitoring. Design VPC topology, network segmentation, ingress/egress patterns, logging/monitoring frameworks, IAM strategy, and SSO integration. Support multi-region design, resiliency planning, secrets management, and DNS architecture. Mentor internal teams that are early in their GCP journey. Operate in an advisory model, influencing without direct engineering ownership.

Key Qualifications

8+ years in Cybersecurity. 5+ years specifically dedicated to GCP security architecture at enterprise scale. Proven experience designing secure landing zones, guardrails, and enterprise architecture in GCP. Professional GCP Security Architect or Engineer certification (required). Deep knowledge of: VPC Service Controls (VPC-SC), IAM & complex organizational hierarchies, Cloud Armor, GCP-native security tools & architecture patterns, Secure AI/ML architecture (Gemini, Vertex AI). Strong understanding of AWS security frameworks (preferred for cross-cloud alignment). Familiarity with Terraform or CloudFormation (no coding required). Strong ability to create HLD, LLD, SDBs, and enterprise architecture documentation. Excellent communication and consultative skills with the ability to influence across teams.

Environment & Context

Organization is maturing its GCP capabilities from early-stage (crawl phase). AWS program is already established; GCP may mirror or diverge from that model. Internal teams are still developing GCP skills; this role will be key in mentoring and guiding them. Heavy collaboration with Cloud, Network, and Security Engineering teams. Competitive vendor landscape; high visibility across the organization.

What You'll Deliver

A secure-by-design enterprise GCP foundation

Governance and guardrails that scale

Secure design patterns for foundational GCP services

Security architecture for Gemini AI and future AI workloads

Long-term blueprinting for cloud operating models

Architectural leadership that accelerates safe enterprise cloud adoption