Lead Security Architect

Are you an experienced Security Architect looking to make a real impact? We're seeking a Lead Security Architect to help design, assure, and deliver secure technology solutions supporting highly sensitive and mission-critical environments. This is an opportunity to work on complex programmes where security is embedded from the outset, collaborating with multidisciplinary teams to solve challenging technical problems across cloud, infrastructure, software engineering, and DevSecOps environments.

The Role

As a Lead Security Architect, you will provide technical leadership and security assurance across a range of projects, from proof-of-concepts through to live operational services. You will work closely with engineering teams, stakeholders, and subject matter experts to ensure security is integrated throughout the delivery lifecycle.

Key Responsibilities

• Lead the design and delivery of secure architectures for complex systems.
• Conduct risk assessments and implement proportionate security controls.
• Define security strategies aligned to project and organisational objectives.
• Collaborate with software, infrastructure, DevSecOps, and cyber security teams.
• Produce security artefacts, assurance documentation, and evidence for compliance requirements.
• Design solutions to identify, manage, and mitigate vulnerabilities.
• Support secure-by-design approaches across development and operational environments.
• Provide technical guidance and leadership on security best practices.
• Engage with stakeholders, accrediting authorities, and assurance teams throughout project delivery.

Essential Skills & Experience

• Security architecture experience within highly regulated or secure environments.
• Risk management expertise using recognised frameworks such as NIST 800-53.
• Experience designing security controls across networks, endpoints, identity, cryptography, and cloud platforms.
• Strong understanding of secure development practices and secure-by-design principles.
• Experience producing security documentation, risk assessments, policies, and assurance artefacts.
• Knowledge of Agile, DevSecOps, CI/CD, and secure delivery methodologies.
• Ability to work effectively with technical teams and senior stakeholders.
• Excellent written communication and documentation skills.

Desirable Experience

• Knowledge of JSP 604, JSP 453, and assurance processes.
• Experience working with government accreditors or security assurance bodies.
• Understanding of defence, national security, or safety-critical environments.
• Familiarity with technologies such as: Azure and AWS, Docker and Kubernetes, Apache Kafka and NiFi, Node.js and TypeScript, MongoDB, AI and Machine Learning technologies.

Security Requirements

Due to the nature of the work, candidates must either hold current UK Security Clearance or be eligible and willing to undergo the clearance process. Applicants must have the right to work in the UK and satisfy relevant vetting requirements.