Security Architect

Security Architect – 9 months – up to £(Apply online only) p/day – hybrid

Our client is looking for an experienced Security Architect to work in a hybrid capacity with 2 days on-site at either the London, Bristol or Manchester office.

This is a 9-month role with a daily rate between £(Apply online only) p/day inside IR35.

Your role:

1. Design and work to continuously improve the security of our platforms and services.
2. Develop and communicate meaningful security policies.
3. Prioritise and deliver recommendations and improvements in response to incident reviews.
4. Advocate for a risk-based, outcome-driven view of secure architecture.
5. Identify and promote best practices for multidisciplinary teams to deliver robust, resilient, secure, and scalable solutions.
6. Facilitate team meetings, sizing and planning meetings, and incident reviews.
7. Ensure the team has good processes in place.
8. Communicate concerns, risks, and issues with the broader team and senior management.

Experience required:

1. Have a deep understanding and extensive experience in security-specific technologies and systems.
2. Are exploring and identifying security options tailored to complex enterprise solutions, while assessing the risks associated with proposed changes.
3. Are designing the security posture for federated, decoupled, and complex systems in cloud environments (AWS).
4. Have experience with network and boundary protection technologies, such as firewalls, gateways, antivirus solutions, and cross-domain systems.
5. Have excellent understanding and experience in authentication and authorization technologies (e.g., SAML, AD, LDAP, OIDC, OAuth 2.0, Federated IdPs, RBAC/ABAC, SSO), as well as cryptographic frameworks and protocols (e.g., PKI, digital signatures, TLS/mTLS, and encryption algorithms).
6. Able to perform threat models for strategic application systems, identify security design flaws and technology weaknesses, and define security design requirements to address cyber threats.
7. Have knowledge of securing container orchestration platforms (e.g., EKS, Kubernetes RBAC, network policies, Docker).
8. Have knowledge of DLP (Data Loss Prevention) solutions.
9. Have knowledge of security frameworks and best practices (e.g., NIST, ISO 27001, CIS, NCSC, OWASP Web, API security).
10. Have knowledge of SIEM tools and real-time threat detection systems.

#J-18808-Ljbffr