At a Glance
- Tasks: Design and implement security architecture while collaborating with teams to enhance security measures.
- Company: Leading cybersecurity firm focused on innovative solutions and team collaboration.
- Benefits: Competitive daily rate, flexible working days, and opportunities for professional growth.
- Other info: Inclusive workplace encouraging diverse applicants and providing support throughout the recruitment process.
- Why this job: Join a dynamic team and make a significant impact in the cybersecurity landscape.
- Qualifications: 3-5 years in cybersecurity architecture with hands-on experience in CIS Controls.
6 Month contract initially, based on up to 4 days per week onsite in London. Rate: £500-£600 per day via umbrella.
Key Responsibilities
- Security Architecture Design – develop and maintain security architecture patterns, reference models, and technical standards aligned to CIS Controls v8.
- CIS Controls Implementation – lead the deployment, tuning, and validation of CIS Safeguards across endpoints, networks, cloud platforms, and identity systems.
- Risk & Gap Assessments – perform maturity assessments against CIS Controls, identify gaps, and propose prioritized remediation plans.
- Security Engineering Collaboration – work closely with infrastructure, DevOps, and application teams to embed security‑by‑design principles.
- Threat Modelling – conduct system‑level threat modelling and recommend control enhancements.
- Security Tooling Integration – support integration of SIEM, EDR, IAM, vulnerability management, and configuration management tools to enforce CIS Controls.
- Documentation & Standards – produce architecture diagrams, security standards, and implementation guides.
- Stakeholder Communication – translate technical risks into business impact for leadership and project teams.
Key Skills & Experience
- Experience – ideally 3-5 years in cybersecurity architecture and engineering.
- Framework Expertise – deep, hands‑on experience implementing CIS Critical Security Controls in large‑scale enterprise environments (mandatory).
- Proven experience in: Zero Trust principles, Network segmentation, Identity and Access Management, Endpoint security.
- Cloud Fluency – demonstrated architectural design experience in secure cloud migrations and cloud‑native security practices, especially in Azure.
- Hardening Standards – expert‑level knowledge of CIS Benchmarks for operating systems (Linux/Windows), cloud platforms, and network devices.
- Communication – proven ability to bridge the gap between technical teams and business stakeholders, articulating security risks in plain language.
- Senior Stakeholder Management – proficient and experienced in communication at executive levels within the organization, reports, PowerPoint, and presentation.
Preferred Technical Proficiency Requirements
- Cloud Security – expert knowledge of Azure (Blueprints, Policy).
- Infrastructure as Code (IaC) – proficiency in Terraform, Ansible, or Bicep to enforce security configurations at scale (GitOps approach).
- Identity & Access Management (IAM) – deep understanding of Zero Trust Architecture (ZTA), RBAC/ABAC models, and integration with Enterprise IAM (Okta, Entra ID, Ping).
- Operating System Hardening – hands‑on experience applying CIS Benchmarks to Linux (RHEL, Ubuntu, Alpine) and Windows Server environments using automated configuration management.
Security Operations & Tooling
- Vulnerability Management – experience with enterprise tools such as Tenable.io, Qualys, or Rapid7 to map findings directly to CIS Control 7.
- EDR/XDR Integration – expert‑level deployment of tools (e.g., CrowdStrike, Sentinel One) to achieve full visibility across endpoints (CIS Control 6).
- SIEM/SOAR – experience designing log aggregation and automated response playbooks in platforms like Splunk, Microsoft Sentinel, or Google Chronicle to satisfy monitoring requirements (CIS Control 8).
- Asset Management – implementation of automated discovery tools (e.g., CMDB Lansweeper) to maintain a dynamic inventory of hardware and software (CIS Controls 1 & 2).
Network & Endpoint Security
- Micro‑segmentation – expertise in network design (NSX, Illumio, or Cloud‑native security groups) to enforce granular traffic control (CIS Control 12).
- Encryption – implementation of Data‑at‑Rest and Data‑in‑Transit standards (TLS 1.3, AES‑256, HSMs, and Key Management Systems).
We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience.
Cyber Security - Security Architect in London employer: LA International
As a leading employer in the cybersecurity sector, we offer a dynamic work environment in London that fosters innovation and collaboration. Our commitment to employee growth is evident through continuous learning opportunities and a culture that values diverse perspectives, ensuring that every team member can contribute meaningfully to our mission of enhancing security architecture. With competitive rates and a focus on work-life balance, we provide an attractive setting for professionals looking to make a significant impact in the field of cybersecurity.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security - Security Architect in London
✨Tip Number 1
Network, network, network! Reach out to your connections in the cybersecurity field and let them know you're on the hunt for a Security Architect role. You never know who might have the inside scoop on an opportunity or can put in a good word for you.
✨Tip Number 2
Prepare for those interviews by brushing up on your technical skills and understanding of CIS Controls. Be ready to discuss your hands-on experience with security architecture and how you've implemented these controls in past roles. Confidence is key!
✨Tip Number 3
Showcase your communication skills! As a Security Architect, you'll need to translate complex security concepts into business language. Practice explaining your previous projects and their impact on the organisation to non-technical stakeholders.
✨Tip Number 4
Don't forget to apply through our website! We love seeing candidates who are genuinely interested in joining us. Tailor your application to highlight your relevant experience and skills that align with the job description.
We think you need these skills to ace Cyber Security - Security Architect in London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience in cybersecurity architecture and engineering. Use keywords from the job description, like 'CIS Controls' and 'Zero Trust principles', to show we’re on the same page.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Explain why you’re passionate about security architecture and how your skills align with our needs. Keep it concise but impactful – we want to see your personality!
Showcase Relevant Projects:If you've worked on projects involving cloud security or vulnerability management, don’t hold back! Share specific examples that demonstrate your hands-on experience and how you’ve tackled challenges in the past.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it makes the process smoother for everyone involved!
How to prepare for a job interview at LA International
✨Know Your CIS Controls
Make sure you’re well-versed in the CIS Critical Security Controls, especially v8. Be ready to discuss how you've implemented these controls in past roles and how they can be applied to the position you're interviewing for.
✨Showcase Your Cloud Security Skills
Since cloud fluency is key, prepare examples of your experience with Azure and secure cloud migrations. Highlight any architectural designs you've worked on and how you ensured security throughout the process.
✨Communicate Like a Pro
Practice translating complex technical concepts into plain language. You’ll need to demonstrate your ability to communicate risks to non-technical stakeholders, so think of scenarios where you’ve successfully done this before.
✨Prepare for Technical Questions
Expect in-depth questions about security architecture and engineering. Brush up on topics like Zero Trust principles, network segmentation, and endpoint security. Be ready to discuss specific tools and frameworks you’ve used, such as Terraform or CrowdStrike.
