About the Role Security is foundational to our GenAI platform. The platform is built on Google Cloud Platform (GCP), and we welcome candidates with strong experience across enterprise cloud security platforms (e.g., AWS, Azure, or other cloud environments), with GCP expertise considered a strong advantage.As our Security Lead, you will own the security architecture, drive implementation of security controls, and ensure compliance with enterprise policies and regulations. You will lead security decision making across the platform, working closely with infrastructure, application, and use case teams to embed security throughout the development lifecycle.Key ResponsibilitiesOwn security architecture and drive security decisions across the platformDesign and implement GCP IAM architecture with organisation-level role hierarchyConfigure Workload Identity for secure pod-to-GCP service authenticationImplement Kubernetes RBAC with namespace isolation for multi-tenant workloadsDeploy and manage Secret Manager with Secrets Store CSI Driver integrationConfigure VPC Service Controls for production data exfiltration preventionImplement Cloud KMS with Customer-Managed Encryption Keys (CMEK)Design service account strategy with least privilege principlesLead security audit preparation and coordinate penetration testingDevelop security policies, runbooks, and incident response proceduresReview infrastructure-as-code and application code for security complianceEnsure GDPR and EU AI Act compliance for AI workloadsRequired Skills5+ years experience in cloud security engineering or architectureStrong expertise in GCP security (IAM, VPC Service Controls, Security Command Center) - essentialExperience with GCP organisation policies and hierarchyKnowledge of Workload Identity and Kubernetes security patternsProficiency in Secret Manager, Cloud KMS, and encryption key managementUnderstanding of Zero Trust architecture principlesExperience leading security audits and compliance programmes (SOC 2, ISO 27001)Strong communication skills for driving security decisions across teamsDesirable Skills Experience with GDPR compliance in cloud environmentsKnowledge of EU AI Act requirements for high-risk AI systemsBackground in Security Command Center and threat detectionExperience with Binary Authorization and supply chain securityFamiliarity with penetration testing coordination and remediationCISSP, CCSP, or equivalent security certifications