Outside IR35 contract jobs

Description

We are seeking an experienced and highly skilled GCP Security Lead with expertise in Rego policy (for policy-as-code) and Vertex AI to join our team. The ideal candidate will be responsible for securing Google Cloud Platform (GCP) environments, managing security policies using Rego for policy enforcement, and integrating security practices within AI/ML workloads, specifically leveraging Vertex AI.As the GCP Security Lead, you will play a crucial role in ensuring the integrity, confidentiality, and availability of data, services, and infrastructure while implementing and maintaining scalable, robust security measures across cloud environments.Key Responsibilities:Lead the security strategy and implementation for GCP cloud infrastructure, ensuring that security practices align with organizational goals and compliance standards.Implement Rego policies using Open Policy Agent (OPA) to automate and enforce security controls as part of infrastructure-as-code (IaC) and CI/CD pipelines.Secure AI/ML models and workflows deployed in Vertex AI, ensuring data privacy, model integrity, and secure access controls.Collaborate with DevSecOps teams to integrate security policies into the continuous development lifecycle.Perform threat modeling, risk assessments, and security audits for GCP-based workloads, Vertex AI projects, and AI models.Ensure proper IAM (Identity and Access Management) roles, permissions, and policies are in place for GCP and Vertex AI services.Define and enforce security best practices for AI/ML services in GCP, ensuring compliance with industry standards and regulations.Develop and maintain security dashboards, alerts, and reporting mechanisms to monitor the security posture of GCP and Vertex AI environments.Participate in incident response, vulnerability management, and remediation efforts for GCP-based services and AI workloads.Stay up to date on emerging cloud security trends and technologies, particularly in GCP and AI/ML domains.Required Qualifications:Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).Extensive hands-on experience with Google Cloud Platform (GCP), including GCP security tools, IAM, VPC, Cloud Storage, BigQuery, and other services.Strong expertise in Rego and Open Policy Agent (OPA) for policy-as-code and automated enforcement.Hands-on experience with Vertex AI, including model deployment, security, and monitoring.Solid understanding of AI/ML security, including data privacy, model protection, and access controls.Experience implementing security controls in cloud-native environments, including CI/CD pipeline security and infrastructure automation.Familiarity with security frameworks and regulations (e.g., NIST, GDPR, SOC2, etc.).Strong experience with IAM policies, access controls, and security best practices in GCP.Experience with logging and monitoring tools (e.g., Cloud Audit Logs, Security Command Center, Stackdriver) to monitor and respond to incidents.Expertise in vulnerability management, risk assessments, and implementing security policies across cloud infrastructure.