Google Workspace Security Architect

About Virtasant

Virtasant is a global technology services company with a network of over 4,000 technology professionals across 130+ countries. We specialize in cloud architecture, infrastructure, migration, and optimization, helping enterprises scale efficiently while maintaining cost control.

Our clients range from Fortune 500 companies to fast-growing startups, relying on us to build high-performance infrastructure, optimize cloud environments, and enable continuous delivery at scale.

About the role

We are seeking a Google Workspace Security Architect with strong hands-on experience in Google Workspace security hardening, identity and access governance, and endpoint security assessment.

This is an execution-focused role rather than a broad strategy advisory position. The consultant will evaluate the client’s current environment, identify security improvements, document findings, develop remediation plans, and support decision-making around endpoint management and security controls.

Success in this role requires a structured methodology, strong documentation discipline, and the ability to produce professional client-facing deliverables, including remediation trackers, evidence packages, governance documentation, and executive summaries.

What You’ll Do

• Assess and harden Google Workspace security configurations, including MFA enforcement, administrator privilege reviews, security policies, sharing controls, audit logging, and third-party OAuth/application access.

• Conduct identity and access governance reviews, including user/group/admin access validation, privileged access reviews, MFA coverage assessments, OAuth/SSO application inventory reviews, and joiner/mover/leaver process evaluations.

• Develop and maintain cybersecurity documentation, including remediation plans, governance procedures, exception registers, evidence packages, quarterly access review templates, and executive-ready reports.

• Build and analyze endpoint inventories and assess security controls such as device encryption, patch management, local administrator rights, screen-lock policies, device enrollment, and offboarding/wipe procedures.

• Provide decision support and recommendations regarding endpoint management and security solutions, including Google Endpoint Management, Microsoft Intune, CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, and MSP/MSSP-managed models (decision support only; no tooling implementation required).

• Collaborate with project stakeholders while adhering to established documentation standards, confidentiality requirements, and quality review processes.
  

What We’re Looking For

Must-Have Experience.

• Hands-on experience securing and administering Google Workspace environments, including security hardening and policy implementation.

• Strong background in identity and access management (IAM), privileged access reviews, MFA implementation, access governance, and user lifecycle management.

• Experience conducting cybersecurity assessments and creating remediation plans, risk registers, audit evidence packages, and security documentation.

• Familiarity with endpoint security controls, device management, and endpoint governance best practices.

• Excellent documentation, reporting, and communication skills with the ability to produce client-ready deliverables.

• Professional-level English communication skills with the ability to interact directly with stakeholders.
  
  Nice-to-haves

• Experience with Google Endpoint Management.

• Experience evaluating or working with Microsoft Intune, CrowdStrike, SentinelOne, and Microsoft Defender for Endpoint.

• Experience supporting cybersecurity compliance, audit preparation, or security gap remediation initiatives.

• Consulting or client-facing cybersecurity experience.

• Security certifications such as CISSP, CISM, Security+, Google Cloud Security, or related credentials.

• Experience working in professional services, advisory, or managed security environments.

Our recruitment process

• Recruiter interview (30 min)

• Technical Interview (30 min)

• Client Interview 1 (45 min)

• Client Interview 2 (45 min)

We strive to move efficiently from step to step to make the recruitment process as fast as possible.