Security Solutions Architect

Dev/Null Security is a cyber security consultancy that specializes in security solution architecture, engineering, implementation, and operational support. With decades of experience, our team defends high-value, highly targeted assets and systems against advanced threats. We provide top-tier consulting services through strategy and advisory, consulting and managed services, and privileged access management. Our mission is to add quality and value at every step.

We have an exciting opportunity for a Security Solutions Architect (Crypto & HSM) to manage end-to-end solution design and be responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. You should be comfortable presenting and sharing solutions at design authorities and senior leadership & stakeholders. Additionally, you will provide technical thought leadership and direction to their aligned projects. You may also stand in as consultants across a wider portfolio within the programme. This is a hybrid role based in either Glasgow, Edinburgh, Manchester, Sheffield or Birmingham with some work-from-home flexibility.

Our Security Solutions Architect will:

• Architect secure, multi-tenant HSMaaS platforms for cryptographic key management and operations.
• Design scalable, compliant HSM infrastructures.
• Integrate and optimise cloud and on-prem HSMs.
• Develop secure APIs and interfaces for HSM provisioning, access, and automation.
• Implement strong access controls, key isolation, and secure lifecycle management.
• Establish cryptographic policies for key creation, usage, rotation, and destruction.
• Embed monitoring, logging, and attestation for cryptographic operations and HSM events.
• Perform threat modelling and security architecture reviews focused on HSM services.
• Define disaster recovery, high availability, and secure backup strategies for HSMaaS.
• Have familiarity with compliance frameworks and security benchmarks, including CIS, NIST, ISO 27001, and how they apply to cryptographic services.

Excellent communication and collaboration skills, with the ability to influence cross-functional teams and translate technical concepts to business stakeholders. Proactive, solution-oriented mindset with strong problem-solving abilities, a strategic approach to cloud security architecture, and a passion for continuous improvement. Uses compelling arguments to gain the support and commitment of others; stepping up to address difficult issues and saying what needs to be said. Ability to operate effectively even when things are not certain, or the way forward is not clear; holds self and others accountable to meet commitments. Ability to apply knowledge of business and the market to making good and timely decisions that keeps the organization moving forward. Prior financial services experience is essential.

Qualifications & Certifications:

• Bachelors or master’s degree in cybersecurity, computer science, software engineering, or related field.
• CISSP/CISM certification or other broad cybersecurity industry-recognised certificate.
• Architect-level certification in one or more public cloud platforms.

Platform & Technology:

• BizzDesign, Archi, or generic UML visualisation experience for high-level designs.
• Working proficiency in Jira for project & tasks management.
• Working proficiency in Confluence for documentation.

Whilst DevNull Security are a remote-first company, our consulting team may be required to travel to a physical site 2-3 times per week (either Edinburgh, Birmingham, Sheffield, Manchester or Glasgow) subject to project/customer requirements.

A career in cybersecurity should be accessible for everyone. We encourage all applicants, regardless of race, ethnicity, gender, age, sexual orientation, disability, or neurotype. We want to ensure our hiring experience is inclusive, fair, and accessible but recognise that as a new company, we might sometimes miss something.