Zero Trust Architect
Position Overview
Leading FinTech company seeking a Zero Trust Architect to design and implement end-to-end Zero Trust security models across its cloud-native infrastructure. This high-impact role is focused on securing user identities, APIs, workloads, data, and developer environments, leveraging principles of least privilege, segmentation, continuous verification, and adaptive trust.
The ideal candidate has deep expertise in Zero Trust Architecture (ZTA), extensive experience in cloud security (GCP preferred), and a strong understanding of financial sector regulatory obligations.
What You’ll Do
Zero Trust Architecture & Strategy
- Design and deploy a Zero Trust Architecture across the organisation, covering:
  - User access
  - Workload security
  - Network segmentation
  - Device trust
  - Continuous authentication & posture-based access
- Develop and maintain enterprise-wide Zero Trust policies, control frameworks, and reference architectures.
- Guide the selection and integration of enabling technologies: identity providers (IdPs), IAM tools, policy engines, and segmentation platforms.
- Lead the creation of trust zones, least-privilege access models, and granular control boundaries across cloud environments.
Cloud & Identity Security
- Implement Zero Trust security within Google Cloud Platform (GCP), including:
  - Identity-Aware Proxy (IAP)
  - BeyondCorp Enterprise
  - VPC Service Controls
  - IAM Recommender and Context-Aware Access
- Enforce strong workload identity and federated access controls for internal services and APIs.
- Align all identity, device, and network layers to the principles of Zero Trust, ensuring secure-by-design development and operations.
Security Engineering & Governance
- Work hands-on with engineering and platform teams to implement declarative access controls, security baselines, and secure CI/CD pipelines.
- Create and maintain machine-readable policy templates (OPA/Gatekeeper, HashiCorp Sentinel).
- Define monitoring requirements for visibility into trust posture, access violations, and policy exceptions.
- Ensure Zero Trust implementations align with PCI-DSS, ISO 27001, SOC 2, and GDPR.
Who You Are
You are a cloud-native security architect with extensive experience in designing secure access models at scale. You understand the balance between developer productivity and robust control frameworks, and you have hands-on knowledge of how Zero Trust applies in real-world production environments, especially within the FinTech or high-compliance sectors.
Essential Qualifications
- 5+ years of experience in cybersecurity.
- Deep understanding of Zero Trust principles: segmentation, adaptive authentication, policy-based access control, continuous trust evaluation.
- Hands-on expertise with Google Cloud Platform (GCP) security architecture and native Zero Trust tools.
- Demonstrated experience with IAM architecture, SSO/MFA, IdPs, and federated identity frameworks (SAML, OIDC, SCIM).
- Familiarity with policy-as-code implementations (OPA, Rego, or Sentinel).
- Strong background in Kubernetes (GKE) and service mesh technologies (Istio, Linkerd).
- Experience aligning security models to compliance frameworks: PCI-DSS, NIST SP 800-207, ISO 27001.
- Excellent stakeholder communication skills, with ability to work cross-functionally across security, engineering, and GRC.
Nice to Have
- Certifications:
  - Google Professional Cloud Security Engineer
  - Certified Zero Trust Architect (from CSA or vendor-specific)
  - CISSP, CCSP, or CISM
- Experience with device trust enforcement and endpoint posture controls (CrowdStrike, BeyondCorp, Jamf, Microsoft Intune).
- Exposure to software-defined perimeter (SDP) tools or microsegmentation platforms (Zscaler, Illumio, Appgate).
- Familiarity with confidential computing, remote browser isolation, and DLP in cloud environments.
- Background in secure remote work architecture and BYOD policy enforcement.
What You’ll Gain
- Opportunity to design and lead Zero Trust implementation at the architecture level in a cutting-edge FinTech company.
- Work with global DevOps, Platform, and Security teams in a cloud-native, API-first environment.
- Ability to make architectural decisions that directly impact compliance, scale, and trust.
- Flexible, remote-first work culture with executive visibility.
- Greenfield opportunity to build a strategic control layer from the ground up.
We seek individuals from a diverse talent pool and encourage applicants from underrepresented groups to apply to our vacancies. Our commitment to fair recruitment processes means that we welcome applicants from all backgrounds, regardless of their lived experience or personal characteristics. We also invite applicants who meet most of the listed requirements, even if not all, to apply. If you require any adjustments to the application process, please let us know.
Barclay Simpson acts as an Employment Agency for permanent positions and an Employment Business for temporary/contract engagements.