Security Architect in City of Westminster

Salary: £115,000 - 127,500 per year

Requirements

• Degree-qualified in a relevant discipline or an equivalent combination of education, training and professional experience.
• Proven experience working in a Security Architect or similar cyber security-focused role.
• Strong understanding of security architecture, risk management and secure solution design.
• Experience supporting enterprise-scale technology projects and programmes.
• Ability to engage effectively with technical and non-technical stakeholders.
• Experience working closely with development, engineering and DevOps teams.
• Knowledge of cyber security frameworks, standards and industry best practices.
• Strong analytical and problem-solving skills with the ability to assess and mitigate complex risks.
• Excellent written and verbal communication skills.
• Ability to work effectively within fast-paced environments while managing multiple priorities and deadlines.
• Experience collaborating with global teams and third-party suppliers across different time zones.
• Experience within highly regulated or critical infrastructure environments.
• Exposure to operational technology (OT) security.
• Experience conducting supplier assurance and third-party risk assessments.
• Knowledge of cloud security principles and modern application architectures.
• Relevant industry certifications such as CISSP, CISM, SABSA, TOGAF or equivalent.

Responsibilities

• Provide security architecture guidance and governance across projects and programmes.
• Define and own security scope, requirements and architecture for a range of technology initiatives.
• Drive security standards, patterns and best practices through established organisational processes.
• Partner with development and DevOps teams to ensure security requirements are effectively implemented.
• Advise project teams on security risks, controls and mitigation strategies.
• Identify and remove blockers impacting the successful delivery of security-related initiatives.
• Provide technical security expertise to support security policy and governance activities.
• Coordinate security design and review activities across internal security teams and stakeholders.
• Ensure key security risks and issues are identified, documented and appropriately managed.
• Ensure residual risks are captured and assigned to appropriate owners.
• Conduct first-line cyber risk assessments to identify vulnerabilities and potential threats.
• Support supplier assurance activities in collaboration with vendor assurance teams.
• Review new and existing supplier contracts to ensure appropriate security clauses and requirements are included.
• Develop and implement strategies to strengthen our security posture.
• Monitor emerging cyber threats, vulnerabilities and industry trends, recommending appropriate controls where required.
• Maintain accurate documentation and reporting relating to security assessments, incidents, compliance activities and risk management.

Technologies

• Architect
• Cloud
• DevOps
• Support
• Security
• TOGAF
• Embedded

This is a 6-month contract based in Warwick, UK, with a hybrid working arrangement of 3 days onsite per week and a day rate of £510 inside IR35. You will work closely with project teams, development teams, DevOps functions and wider security stakeholders to embed security throughout the project lifecycle, drive best practice and help ensure solutions meet business and regulatory requirements.