Application Security Architect

Job Title: Application Security Architect

Location: Remote (with twice a month in Leeds Office)

Duration: 6 months – End date 21/12/2025 (Possible extension)

Engagement: Inside IR35 – Via Umbrella

Day rate: £800 Per day

We’re looking for an experienced Application Security Architect to a Global Healthcare client of ours on a contract basis. You’ll play a pivotal role in shaping and securing the design and development of key applications across their technology estate.

Key Responsibilities

• Collaborate with engineering and architecture teams to define technical security requirements and ensure cohesive, secure solutions.
• Lead on the resolution of high-priority and complex security incidents.
• Advise senior leadership on risk management strategies and mitigation plans.
• Oversee security for a portfolio of applications/projects from inception through delivery.
• Ensure security controls are effectively embedded throughout the SDLC.
• Maintain up-to-date InfoSec policies and technical security standards.
• Conduct vulnerability assessments, threat modelling, and architecture reviews.

What You’ll Bring

• Strong ability to translate technical risk into clear, actionable business terms.
• Hands-on experience with secure DevOps pipelines and development practices.
• Excellent stakeholder management skills across technical and non-technical teams.
• Proven track record in large, regulated environments with complex systems.

Requirements

• Bachelor’s degree in IT or equivalent experience.
• 5+ years in information/application security roles.
• Experience working in agile environments.
• Deep understanding of cloud security (Azure, AWS), OWASP, MITRE.
• Proven experience with policy interpretation and security implementation in real-world projects.

Preferred Skills

• Certifications such as CISSP, CCSP, CEH, Microsoft Azure/AWS Security.
• Working knowledge of GDPR, HIPAA, PCI-DSS.
• Familiarity with development in .NET, Java, Python, PowerShell, or Bash.
• Knowledge of tools like SIEM, SOAR, IDS, WAF, vulnerability management platforms.
• Experience with UI, API, microservices security patterns and cryptographic principles.
• Threat modelling and dynamic security testing skills.
• Background in business analysis or requirements engineering.