[Up to c. £230k Comp Package | Hybrid Working - 3 Days in Office]
We're partnering with a market-defining pensions investment firm undertaking a large-scale transformation of its technology and security landscape. Backed by strong executive sponsorship, they’re redesigning core architecture, building cloud-native systems, and investing in a high-trust, hands-on security function to future-proof operations. This is a unique opportunity to shape the security architecture of a business responsible for safeguarding over £65 billion in assets - where your input won’t sit on the shelf, but will be built, deployed, and relied upon...
Key Responsibilities
* Lead the design and development of secure architecture patterns across cloud-native infrastructure (AWS/Azure), serverless systems, and distributed environments
* Collaborate closely with engineering and product teams to evaluate architecture proposals, reduce risk, and embed intuitive security controls across the SDLC
* Perform security-focused architecture reviews of key platforms and workflows, guiding engineering teams through the development phase with secure-by-design advice
* Translate complex threats into architectural controls and reusable policy-as-code modules that prevent risk before it materialises
* Support cloud security strategy through templates, IaC modules, and proactive risk reduction initiatives
* Advocate for secure development practices - from CI/CD pipelines to containerised workloads - ensuring that friction is addressed with empathy and practical value
* Apply threat modelling frameworks to uncover vulnerabilities and recommend architecture-level mitigation strategies
* Work directly with developers and infrastructure teams to align real-world engineering goals with enterprise security objectives
What You Bring...
* 6+ years’ experience in Security Engineering, Software Engineering, or Security Architecture roles
* Proven track record of designing secure systems within cloud-native environments (AWS or Azure)
* Comfortable developing IaC (Terraform or similar), automating security controls, and contributing to secure infrastructure practices
* Strong understanding of modern security principles, threat actor behaviour, and risk frameworks (NIST preferred)
* Skilled in collaborating with developers to find practical, low-friction ways to implement secure patterns
* Confident communicator across technical and non-technical teams, with the ability to influence architecture-level decisions
* Deep familiarity with secure development tooling, infrastructure design, and threat modelling practices
* Background in highly regulated environments such as financial services, insurance, or pensions
* (Preferred) Degree in a related field and/or certifications such as CISSP, CISM, or equivalent
* (Preferred) Experience contributing to architectural governance, documentation, and change control in scaled organisations
..