GCP Architect / GCP IAM/PAM Architect

Hays plc
London, United Kingdom
10 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
London, United Kingdom

Tech stack

Microsoft Active Directory
Google App Engines
Cloud Computing
Continuous Integration
Software Design Documents
Federated Identity Management
Github
Monitoring of Systems
Identity and Access Management
OAuth
OpenID
Role-Based Access Control
Azure
Zero Trust Network Access
Security Assertion Markup Language (SAML)
Google Cloud Platform
Okta
Firewalls (Computer Science)
Kubernetes
Terraform
Software Version Control
VMware

Job description

Certifications

  • Google Cloud Architect Certification (Professional Cloud Architect) -in date mandatory

Role Overview

Our key client is seeking a Tier 1 Google Cloud Architect to support a large-scale Google Cloud migration programme. The successful candidate will play a key role in designing and delivering end-to-end Google Cloud solutions, covering infrastructure, platforms, and networking.

This is a hands-on architecture role requiring strong experience across GCP build, migration, and automation, with a focus on delivering scalable, secure cloud environments aligned with enterprise standards.

Programme Overview

  • Enterprise Google Cloud migration programme
  • Scope includes:
  • Landing Zone design & implementation
  • Google Compute Engine (GCE)
  • Google Cloud VMware Engine (GCVE)
  • Google Kubernetes Engine (GKE)
  • Focus on modernisation, automation, and cloud-native adoption

Key Skills & Experience

Essential

  • Minimum 5+ years of Google Cloud experience
  • Proven experience as a Cloud Architect on large-scale migration programmes
  • Hands-on experience across:
  • GCP Landing Zones
  • GCE, GCVE, GKE
  • GCP Networking (VPCs, firewalls, connectivity)
  • Strong experience with:
  • Terraform & Terragrunt
  • GitHub (version control & workflows)
  • CI/CD pipeline design and implementation
  • Experience with GCP Native Monitoring & Observability

Certifications

  • Google Cloud Architect Certification (Professional Cloud Architect) - in date mandatory

Role Overview

The GCP IAM / PAM Architect is a senior technical leadership role responsible for the design, implementation, and governance of Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions within the WPP Google Cloud environment.

This role ensures that identity services are secure, scalable, and compliant, aligned with enterprise security standards and least-privilege access principles. The architect will work across multiple IAM domains and provide end-to-end ownership from strategy through to delivery oversight.

The key priority for this role is expertise in ADM (Access & Directory Management).

Key Responsibilities

Architecture & Design

  • Design and define end-to-end IAM and PAM architectures across GCP and enterprise platforms
  • Develop secure identity frameworks aligned to zero trust and least privilege principles
  • Architect integrations between:
  • GCP IAM & GCP Identities
  • Okta (SSO / Federation)
  • Active Directory (AD / AAD where applicable)
  • BeyondTrust PAM
  • Produce high- and low-level design documentation

Key Skills & Experience

Essential

  • Strong experience as an IAM / PAM Architect in enterprise environments
  • Deep expertise in:
  • Google Cloud Platform (GCP) IAM & GCP Identity
  • Privileged Access Management (PAM) solutions (ideally BeyondTrust)
  • Access & Directory Management (ADM) frameworks
  • Proven experience integrating:
  • Okta (SSO, MFA, federation)
  • Active Directory (AD / Hybrid identity)
  • Strong understanding of:
  • RBAC / ABAC models
  • Identity federation (SAML, OIDC, OAuth)
  • Experience with large-scale cloud transformation programmes

Please note that GCP, Beyond Trust, and Terraform and Okta are key technical requirements for both roles. Please get in touch as these will go quickly!

#4803197 - Nasar

Requirements

Essential

  • Minimum 5+ years of Google Cloud experience
  • Proven experience as a Cloud Architect on large-scale migration programmes
  • Hands-on experience across:
  • GCP Landing Zones
  • GCE, GCVE, GKE
  • GCP Networking (VPCs, firewalls, connectivity)
  • Strong experience with:
  • Terraform & Terragrunt
  • GitHub (version control & workflows)
  • CI/CD pipeline design and implementation
  • Experience with GCP Native Monitoring & Observability

Certifications

  • Google Cloud Architect Certification (Professional Cloud Architect) - in date mandatory, Essential

  • Strong experience as an IAM / PAM Architect in enterprise environments

  • Deep expertise in:

  • Google Cloud Platform (GCP) IAM & GCP Identity
  • Privileged Access Management (PAM) solutions (ideally BeyondTrust)
  • Access & Directory Management (ADM) frameworks
  • Proven experience integrating:
  • Okta (SSO, MFA, federation)
  • Active Directory (AD / Hybrid identity)
  • Strong understanding of:
  • RBAC / ABAC models
  • Identity federation (SAML, OIDC, OAuth)
  • Experience with large-scale cloud transformation programmes

Apply for this position