Advanced Threat Response (ATR) Architect in London

Are you looking to leverage your expertise in advanced threat detection, adversary simulation, and security architecture within a complex enterprise environment? We have an exciting opportunity for you – Advanced Threat Response (ATR) Architect!

Careers at TCS: It means more. TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands in the UK and worldwide. For you, it means more to make an impact that matters, through challenging projects which demand ambitious innovation and thought leadership.

Make an impact that matters through challenging and meaningful work.

Deliver ambitious transformation programmes for global clients.

Be part of a culture that values innovation, learning, and thought leadership.

The Role

As an Advanced Threat Response (ATR) Architect, you will join the Architecture team as part of a major cyber security transformation programme. You will be responsible for designing and maintaining the end-to-end architecture for advanced threat detection and response across cloud, network, and endpoint environments. You will work closely with cross-functional teams to deliver scalable, secure, and cost-effective security architecture solutions.

Key responsibilities:

• Defining requirements, evaluation criteria, and success metrics for automated offensive security testing platforms and red and purple team tooling.
• Running vendor and product evaluations, proof-of-concepts, and comparative analyses.
• Architecting integration approaches, workflows, and security telemetry pipelines.
• Producing detailed implementation plans, runbooks, and operational handover artefacts, and coordinating rollouts with operational teams.
• Managing onboarding, configuration, tuning, and tuning validation for selected tools.
• Collaborating with stakeholders to design scalable deployment patterns, including SaaS models, multi-tenancy, credentials handling, and high-availability architectures.
• Supporting purple-team exercises and adversary emulation planning through appropriate tool selection and integration, and translating red-team findings into engineering controls.
• Ensuring that security, risk, and compliance requirements are addressed throughout tool selection and operation.
• Maintaining vendor relationships and roadmap alignment, evaluating emerging tools, and managing lifecycle and replacement decisions.

Your Profile

Essential skills/knowledge/experience:

• Very strong experience in security engineering, offensive security, or security architecture, with hands-on involvement in evaluating and deploying security tools.
• Strong Linux administration skills, including system hardening, service management, troubleshooting, network tuning, secure baseline implementation, and service orchestration.
• Practical cloud management experience, including CI/CD pipeline design and implementation.
• Proven experience running vendor evaluations, proof-of-concepts, and selecting enterprise security platforms.
• Solid understanding of offensive techniques and their mapping to detection and tooling capabilities, aligned to frameworks such as MITRE ATT&CK.
• Strong understanding of cloud architectures and operational considerations for hosting security tooling.
• Excellent stakeholder management, cross-functional coordination, and technical communication skills.
• Ability to translate technical trade-offs into business-focused decisions supported by clear pro-and-con analyses.
• Experience integrating security tool outputs into SIEM platforms, engineering workflows, and adjacent security tooling.
• Prior experience with tools such as SafeBreach, BloodHound, Microsoft EASM, or similar technologies.

Desirable skills/knowledge/experience:

• Experience working within the Banking and Financial Services industry.
• Relevant cloud certifications, particularly Google Cloud Platform.
• Exposure to ML, AI, and data tooling within GCP environments.
• Ability to work effectively across IT, DevOps, and Compliance teams to implement security controls.
• Experience working in agile or iterative delivery models.

Rewards & Benefits

TCS is consistently voted a Top Employer in the UK and globally. Our competitive salary packages feature pension, health care, life assurance, laptop, phone, access to extensive training resources and discounts within the larger Tata network. We offer health & wellness initiatives and sports events; we are the proud sponsor of the London Marathon.

Diversity, Inclusion and Wellbeing

Tata Consultancy Services UK&I is committed to meeting the accessibility needs of all individuals in accordance with the UK Equality Act 2010 and the UK Human Rights Act 1998. We welcome and embrace diversity in race, nationality, ethnicity, disability, neurodiversity, gender identity, age, physical ability, gender reassignment, sexual orientation. We are a disability inclusive employer and encourage disabled people to apply for this role.

As a Disability Confident Employer, we offer an interview to applicants with disabilities or long-term conditions who meet the minimum criteria for the role.

Next Steps:

Application Process (optional)

• Online application: You can apply directly through LinkedIn/ by uploading your CV.
• Skill-Based discussion: This will be a level 1 interview with the project team, it can be via video or in-person.
• Managerial discussion: This discussion will focus on behavioural aspects and person-organisation fit.
• HR Discussion: This will be with one of the members of the HR team and will cover your career journey, aspirations for growth, compensation and any other questions you may have.

Beware of Fraudulent offers: This is to notify you that TCS does not ask for any sort of payment or security deposit from candidates at any stage of the recruitment process. The firm never sends out job offers from free internet email services like Gmail, Yahoo Mail, and so on. TCS has not authorised any third-party company to collect money on their behalf. As a vigilant job seeker, beware of fraudulent recruitment activity and protect your interests!

Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion.

Join us and do more of what matters. Apply online now.