Security Architect

Role Overview

The Security Architect is responsible for defining, guiding, and assuring the implementation of security architecture and cyber resilience control across a range of systems, platforms, and services. This role provides strategic and technical security expertise to support the design, development and delivery of solutions, working closely with engineering teams, project stakeholders and business units.

Key Responsibilities

• Support the definition and integration of security requirements within projects, ensuring alignment with business needs and industry best practices.
• Provide security architecture guidance for the design and evolution of cloud services, applications, back‑office systems, and infrastructure solutions.
• Contribute to the assessment and management of security risks, supporting activities such as risk analysis, impact assessments, and audits when required.
• Collaborate with multidisciplinary teams (e.g. DevOps, system engineering, development and project management) to promote secure‑by‑design principles across all phases of delivery.
• Advise on the implementation of appropriate security controls (technical, procedural and organisational) to ensure the protection of systems and data.
• Support governance activities, including participation in design reviews, project checkpoints and change management processes from a security perspective.
• Promote best practices and continuous improvement in information security, contributing to the adoption of standards, frameworks and emerging technologies.
• Ensure that security considerations are appropriately documented and communicated to relevant stakeholders.
• Support the definition of processes that enable secure system operation, maintenance and service transition.
• Ensure compliance with organisational policies, standards and applicable regulatory requirements.

Working model

• First 3 months: 2 days onsite per week.
• Thereafter: fully remote with a maximum of 0‑1 day onsite (as required).

Requirements

Core Requirements

• Academic background or equivalent professional experience in a relevant discipline.
• Professional certification in Information Security (e.g. CISSP, CISM, CISA, CCSP or equivalent).
• Ability to operate in environments requiring mobility, where applicable.

Additional Assets

• Technical degree in fields such as Computer Science, Engineering, Mathematics or similar.
• Certifications related to security architecture, privacy or governance frameworks.
• Familiarity with recognised methodologies or best practices (e.g. IT service management, project frameworks).
• Vendor or cloud‑related certifications in security or infrastructure.

Experience & Technical Capabilities

Key Experience

• Proven track record in defining and implementing security architectures or contributing to security design at system or enterprise level.
• Experience working across the full system or software lifecycle, including secure development and integration practices.
• Exposure to security governance, risk management and compliance activities within complex environments.
• Solid understanding of enterprise IT ecosystems, including infrastructure, networking and systems.

Technical Knowledge

• Familiarity with commonly adopted security frameworks, standards and regulations (e.g. ISO 27001, NIST, data protection regulations).
• Understanding of network protocols, system architectures and core infrastructure components.
• Awareness of modern approaches such as DevSecOps and secure‑by‑design principles.

Additional Knowledge (Desirable)

• Experience working with cloud platforms and their associated security models (e.g. Azure, AWS, GCP).
• Knowledge of specialised domains such as application security, identity and access management or cryptography.
• Exposure to regulated environments, audit processes or industry‑specific compliance standards.
• Familiarity with security tools and technologies used for monitoring, testing and protection (e.g. SIEM, vulnerability management, endpoint security).
• Understanding of development environments, tooling and security testing practices.
• Awareness of quality standards and structured assurance processes.

Benefits

• Holidays: 25 days per annum + 8 days bank holidays (options to buy/sell days).
• Pension: 4% employee and 4% employer.
• Private medical insurance (including dental & optical).
• Life assurance.
• Income protection.
• Employee assistance programmes.
• Flexible/remote working options.
• Charitable initiatives.
• Social events (formal & informal).
• Learning and development programmes.
• Innovative & collaborative work environment.

Indra is an equal employment opportunity employer. Applicants are considered without regard to race, colour, religion, sex, sexual orientation, gender identity, origin, disability or other characteristics protected by law.