Security Architect
Duration: 12 months
Location: Hybrid / 1 day PW on-site in Croydon
Umbrella Only
Due to the urgency and sensitivity of the work, active SC Clearance is mandatory.
Responsibilities
As a Security Architect, you will:
Design and implement secure architectures across applications, platforms, and infrastructure
Define and apply security architecture patterns, including Zero Trust and defence-in-depth strategies
Lead security design for cloud-based solutions (AWS, Azure, and/or GCP)
Architect and govern identity and access management (IAM), including authentication, authorisation, and privileged access
Design secure network architectures covering encryption, key management, and secure connectivity
Embed application security principles, including secure APIs, data protection, and threat modelling
Ensure systems are designed for security resilience, availability, and risk mitigation
Collaborate with engineering, platform, and delivery teams to embed security across the lifecycle
Must-Have Skills & Experience
Proven experience working as a Security Architect in complex environments
Strong expertise in secure architecture design across enterprise systems
Solid understanding of Zero Trust, defence-in-depth, and modern security patterns
Hands-on experience designing security for cloud platforms (AWS, Azure, and/or GCP)
Deep knowledge of IAM, authentication, authorisation, and privileged access management
Strong background in network security, encryption, and key management
Experience with application security, including threat modelling and secure data flows
Ability to design systems with security resilience built in
Active SC Clearance
Nice-to-Have Skills
Hands-on experience with cloud security tooling (e.g. AWS Security Hub, Azure Defender, Sentinel)
Experience securing containers and Kubernetes (image scanning, runtime protection, policy enforcement)
Exposure to regulated or highly secure enterprise environments
Security or architecture certifications such as CISSP, CCSP, TOGAF, AWS/Azure Security Specialty
Familiarity with SIEM, security monitoring, logging, and observability tools
Experience embedding security controls into DevOps and SRE practices