Senior Security Architect

We are looking for an experienced Security Architect to join our technology leadership team as the organisation’s senior security authority. Reporting directly to the CIO, you will define and own the security architecture framework, work hands‑on alongside engineering teams, and provide governance and expert review of the way security is designed and implemented across the business. This is a senior individual contributor role – you will be the go‑to security expert in the organisation, combining deep technical capability with the ability to communicate clearly at all levels, from engineers to board. You will help establish a culture of security by design, embedding best practice into every layer of the technology estate.

Key Responsibilities

• Security Architecture & Engineering

• Define and maintain the organisation‑wide security architecture framework, covering cloud, application, network, and data security.
• Work directly alongside engineering teams to embed secure‑by‑design principles into system design, infrastructure, and delivery pipelines (DevSecOps).
• Lead security architecture reviews for new projects, platforms, and third‑party integrations.
• Own the AWS security posture – including IAM/SCPs, Security Hub, GuardDuty, CloudTrail, and Config – ensuring controls are robust, scalable, and well‑governed.
• Define and enforce standards for identity and access management, secrets management, encryption, and network segmentation.
• Evaluate and recommend security tooling and services to strengthen the organisation’s security capabilities.

• Use ISO 27001 and related standards as the contextual framework for security governance, risk management, and policy development.
• Develop and maintain security policies, standards, and guidelines that are practical, enforceable, and aligned to the business risk appetite.
• Conduct regular risk assessments, threat modelling, and security reviews across the technology estate.
• Support audit, compliance, and assurance activities, including engagement with external assessors where required.
• Track and manage the security risk register, reporting on posture and remediation progress to the CIO and leadership team.

• Act as the primary security authority for internal stakeholders – translating complex security concepts for non‑technical audiences.
• Build strong relationships with engineering, product, and operations teams to ensure security is seen as an enabler, not a blocker.
• Contribute to board‑level and executive reporting on security posture, risk, and strategic initiatives.
• Stay current with the evolving threat landscape and emerging security technologies, sharing relevant insight across the organisation.

• Define and maintain a pragmatic AI security governance framework covering the adoption of large language model (LLM) services from providers such as Anthropic and OpenAI, AI‑powered tooling, and agentic workflow platforms.
• Identify, assess, and clearly communicate the security risks specific to AI systems – including prompt injection, tool misuse, data exfiltration via model inputs, insecure agentic behaviour, and supply chain risk from third‑party AI providers.
• Establish and enforce security standards for integrating LLM‑based services into internal systems, covering API key management, data classification, model context boundaries, and output validation.
• Define governance standards for Model Context Protocol (MCP) server deployments, ensuring that AI agents operating with tool access are subject to appropriate authentication, authorisation, and audit controls.
• Champion a balanced approach to AI security – enabling engineering and product teams to adopt AI capabilities at pace while ensuring risk is understood, quantified, and appropriately managed.
• Embed AI security review into delivery and procurement processes, ensuring new AI integrations receive proportionate threat modelling without creating unnecessary friction for teams.

What We’re Looking For

• Demonstrable experience as a Security Architect or senior security engineer, with a strong track record of hands‑on technical delivery.
• Defining SIEM Platform configuration to provide a proactive orchestration, alerting and response approach to security across the organisation.
• Deep expertise in AWS security services – IAM, SCPs, Security Hub, GuardDuty, CloudTrail, AWS Config, KMS, and related services.
• A working knowledge of Azure Cloud services, including EntraID, Azure Portal, and ARM.
• Experience embedding DevSecOps practices into CI/CD pipelines – SAST/DAST tooling, container security, secrets management, and infrastructure‑as‑code security.
• Strong knowledge of ISO 27001 and the ability to apply governance frameworks pragmatically in a fast‑moving technology environment.
• Experience conducting threat modelling, security architecture reviews, and risk assessments.
• Excellent communication skills – able to present security concepts clearly to both technical and non‑technical audiences.
• Comfortable operating as a senior individual contributor without direct reports.
• A clear understanding of the specific security challenges presented by AI and LLM systems – including agentic architectures, prompt injection, third‑party model risk, and the data handling implications of AI pipelines – combined with the judgment to develop governance that enables innovation rather than blocking it.
• AWS Certified Security – Specialty certification (or equivalent).
• Experience with Microsoft Sentinel or an equivalent SIEM platform.
• Experience with zero‑trust architecture and modern identity frameworks (OIDC, OAuth 2.0).
• Familiarity with SOC 2, Cyber Essentials Plus, or NIST frameworks.
• Experience working in a scale‑up or high‑growth technology environment.
• Familiarity with AI provider security models and trust frameworks (e.g. Anthropic, OpenAI), and awareness of emerging AI governance standards including the OWASP LLM Top 10 and NIST AI RMF.
• Hands‑on experience with Model Context Protocol (MCP), agentic AI orchestration, or AI automation platforms, with a practical understanding of the authentication, authorisation, and access control implications of these systems.

You’ll get to work in a fast‑paced and rapidly growing scale‑up with global ambitions that is cutting edge, passionate about sustainability and seeks to make the world a better place.

Our benefits

• Competitive salary and bonus
• London Office – 4 days a week in our London office and 1 day remote
• Direct access and influence at CIO level from day one.
• The opportunity to shape and own the security function in a growing technology organisation.
• Private Health Insurance
• Pension Scheme
• Life Assurance Scheme with death in service benefit of 4x salary
• Income Protection Scheme for long term illness
• Ride to Work Scheme
• Payroll Giving Scheme
• Season Ticket Loan to spread cost of travel over 12 months
• Eye Test every 2 years

Ohme is an equal opportunity employer. Diversity, Equity and Inclusion are at the heart of what we do and we encourage a culture where everyone can be themselves at work. We actively seek out a diverse range of talent and our policies ensure that every job application and employee is treated fairly, with equal opportunity to succeed and to feel included.