Google Workspace Security Architect

About Virtasant

Virtasant is a global technology services company with a network of over 4,000 technology professionals across 130+ countries. We specialize in cloud architecture, infrastructure, migration, and optimization, helping enterprises scale efficiently while maintaining cost control.

Our clients range from Fortune 500 companies to fast-growing startups, relying on us to build high-performance infrastructure, optimize cloud environments, and enable continuous delivery at scale.

About the role

We are seeking a Google Workspace Security Architectwith strong hands-on experience in Google Workspace security hardening, identity and access governance, and endpoint security assessment.

This is an execution-focused role rather than a broad strategy advisory position. The consultant will evaluate the client’s current environment, identify security improvements, document findings, develop remediation plans, and support decision-making around endpoint management and security controls.

Success in this role requires a structured methodology, strong documentation discipline, and the ability to produce professional client-facing deliverables, including remediation trackers, evidence packages, governance documentation, and executive summaries.

What You’ll Do

Assess and harden Google Workspace security configurations, including MFA enforcement, administrator privilege reviews, security policies, sharing controls, audit logging, and third-party OAuth/application access.

Conduct identity and access governance reviews, including user/group/admin access validation, privileged access reviews, MFA coverage assessments, OAuth/SSO application inventory reviews, and joiner/mover/leaver process evaluations.

Develop and maintain cybersecurity documentation, including remediation plans, governance procedures, exception registers, evidence packages, quarterly access review templates, and executive-ready reports.

Build and analyze endpoint inventories and assess security controls such as device encryption, patch management, local administrator rights, screen-lock policies, device enrollment, and offboarding/wipe procedures.

Provide decision support and recommendations regarding endpoint management and security solutions, including Google Endpoint Management, Microsoft Intune, CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, and MSP/MSSP-managed models (decision support only; no tooling implementation required).

Collaborate with project stakeholders while adhering to established documentation standards, confidentiality requirements, and quality review processes.

What We’re Looking For

Must-Have Experience .

Hands-on experience securing and administering Google Workspace environments, including security hardening and policy implementation.

Strong background in identity and