AI Security Architect in City of London

ITC Infotech is looking for a Security Architect to join our team across the UK, London, Leeds and Edinburgh.

Aptitude: You have an innate capacity to transition from project to project without skipping a beat.

Communication: You have excellent written and verbal communication skills for coordination across projects and teams.

The Security Architect role sits within Technology - Strategy & Architecture - Enterprise Architecture Consulting, responsible for the overall architecture for the FCA’s business divisions. This includes quality assurance of architectural decisions, technical designs and other architectural deliverables (e.g. Architectural Impact Assessments) to ensure solutions are value for money, meet information security and business requirements, and are aligned to enterprise strategies, roadmaps, standards and patterns.

The Security Architect will primarily focus on the FCA’s Strategic Security Programme, implementing a wide range of Cybersecurity controls and will be responsible for the full Architecture solution of a Cybersecurity project from initiation through scoping, mobilization and delivery of benefits.

Key responsibilities include:

• Designing and producing architectural artefacts for end-to-end cyber security solutions, high level outlined architecture to detailed solution architecture, including required integration, that are aligned to architecture standards, meet the business vision and requirements, and consider all risks, costs, benefits, limitations, dependencies, deliverability and impact on the enterprise, technology and business architectures.
• Supporting and guiding project teams and product groups in delivery and implementation of end-to-end cyber security solutions.
• Playing a key role in the development and implementation of the FCA’s Information Security, Digital and Data Strategies, ensuring solutions adhere to and enable the implementation of strategies.
• Collaborating with product groups and enterprise architecture functions on defining enterprise and product architecture strategies and standards, building product roadmaps and resolving maintenance and post-go-live issues.
• Reviewing and quality assuring artefacts created by external suppliers and internal teams to ensure the quality of the delivered solution fulfils business and non-functional requirements and adheres to the strategic vision of the FCA.
• Engaging key stakeholders in business, product groups, security, and architecture function to identify capabilities, perform gap assessment, maturity assessment and document architecture to create a future.
• Researching cyber security technology trends and identifying opportunities to exploit innovation ensuring these are fully understood and explored.

Experience required:

• Experience as a Security Architect designing products, platforms, systems and components on multiple programmes and projects.
• Experience of working on the end-to-end project lifecycle, in a multi-technology environment.
• Experience of designing and managing the end-to-end delivery of multi-platform cyber security solutions.
• Exceptional critical thinker and problem solver, able to work with imperfect information in an environment of uncertainty whilst maintaining high standards, evidenced designs and documentation that consider regulatory, organisational and technology change requirements.
• Experience of designing and implementing cyber security platform solutions.
• Experience with delivery of significant Cyber Security projects in domains such as Attack Surface Management, Threat Detection and Response, Identity Access Management, Information Integrity and Protection and/or Infrastructure Security.
• Experience working with AWS technologies.
• Experience of best practice security architecture across all cyber security architecture domains and key platform technologies.
• Commercial awareness and hands-on experience at costing solution options, understanding procurement frameworks and promoting cost effective solutions.
• Strong experience of technical and environment interdependencies across projects and programmes.
• Solid knowledge foundation, including experience with formal architectural methodologies and frameworks, such as TOGAF, and experience in architecture modelling tools and agile methodologies.
• Evidenced continuous professional development and engagement with industry innovators and professional bodies.
• Proven experience using the SABSA framework to translate enterprise risks and business attributes into technical security architectures.
• Ability to engage with Senior Leaders and the Board to explain security posture in terms of Business Outcomes rather than technical vulnerabilities.
• Hands-on experience designing and securing estate consolidation across AWS and Azure, focusing on identity federation and cross-cloud security guardrails.
• Deep understanding of the FCA’s Operational Resilience and Consumer Duty requirements, ensuring security architecture supports "Important Business Services."
• Experience in implementing "Secure by Design" within Agile delivery teams and multi-supplier environments.
• Experience in governing security standards across third-party providers and critical technology partners.

Personal Qualities:

• Pragmatic Innovator: Able to balance "impenetrable security" with the need for Business Agility and the adoption of disruptive technologies.
• Ability to work seamlessly across architectural domains (Data, Business, Technical) to ensure security is an enabler, not a bottleneck.
• Capable of quickly grasping the FCA’s complex regulatory landscape and "hitting the ground running" on high-priority transformation waves.
• Resilient & Adaptable: Comfortable working with strategic ambiguity, particularly when navigating the security implications of emerging tech like AI and DLT.
• Takes ownership of the "Security Attributes" scoring and the long-term integrity of the security domain.
• Expert knowledge of SABSA (essential for risk mapping) and TOGAF (desirable).
• Familiarity with automated assurance tools (e.g., Terraform Sentinel, Azure Policy, AWS Config) to embed guardrails into CI/CD pipelines.

ITC Infotech is a leading global technology services and solutions provider, providing business-friendly solutions to help clients succeed and be future-ready, by seamlessly bringing together digital expertise, strong industry-specific alliances and the unique ability to leverage deep domain expertise from ITC Group businesses.

We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion, or sexual orientation. All employment decisions shall be made without regard to any protected status.