Cyber Security Architect in City of London

This organisation is redefining what’s possible in European defence technology, delivering speed, resilience, and technological independence at a pace that sets a new standard. It operates as a small, elite, and highly capable team focused on solving complex, high-impact problems with urgency and precision.

They are seeking a Principal Security Specialist to take a leading role in shaping and executing security strategy across the organisation. This is an opportunity for a senior, high-calibre security professional to define standards, build core capabilities, and operate with a high degree of autonomy in a mission-critical environment.

The successful candidate will own key areas spanning SIEM, incident response, and system hardening, while also influencing broader security architecture and compliance.

The Principal Security Specialist will:

• Lead the design, build, and operation of a centralised SIEM capability, aggregating and analysing logs across infrastructure, networks, and applications.
• Define and drive the organisation’s approach to threat detection, log analysis, and incident response, establishing robust baselines and alerting strategies.
• Take ownership of security incident investigation end-to-end, acting as a senior escalation point and ensuring rapid, effective resolution.
• Set and enforce system and application hardening standards across Linux and Windows environments, ensuring consistent and auditable security controls.
• Oversee vulnerability management practices, ensuring risks are identified, prioritised, and addressed effectively.
• Partner with Information Security and leadership to ensure alignment with regulatory and compliance frameworks (e.g. Cyber Essentials, ISO 27001, DEF STAN, Grundschutz).
• Contribute to broader security architecture decisions, balancing risk, usability, and operational performance.
• Establish and maintain high-quality documentation covering security controls, SIEM architecture, incident response procedures, and audit requirements.
• Mentor and guide others on security best practices, raising the overall security capability of the organisation.

The ideal candidate will bring:

• Significant hands-on experience designing and operating SIEM platforms (e.g. ELK Stack, OpenSearch, Wazuh, Microsoft Defender), including real-world incident detection and response.
• Deep expertise in Linux and Windows system hardening, with strong familiarity across frameworks such as CIS Benchmarks, STIGs, or equivalent.
• Strong scripting capability for automation, log parsing, and detection engineering.
• Experience operating in compliance-driven or highly regulated environments.
• A strong security engineering mindset, with a focus on access control, threat modelling, detection, and auditability.
• The ability to design pragmatic, effective security controls that balance risk with operational efficiency.
• High levels of autonomy, sound judgement, and the ability to operate as a senior individual contributor in a fast-paced environment.

Due to the nature of the work, applicants must be British citizens (or dual nationals with British citizenship) and eligible for UK Security Clearance (SC), with the potential requirement for Developed Vetting (DV).

The opportunity to play a key role in one of Europe’s most consequential defence and technology initiatives includes high ownership and autonomy, close collaboration with leading experts across engineering, operations, and defence, and a fast-paced, execution-focused environment where security decisions have immediate and tangible impact.

A culture built on clarity, integrity, and excellence supports individuals who take initiative and operate with accountability, along with competitive compensation and meaningful equity aligned to impact and responsibility.