Job Title - Security Architect
Location - London/Hybrid (2 days per week in office located near Elephant and Castle)
Our client is seeking a Senior or Principal Security Architect to define and govern secure-by-design patterns across two critical domains: internal corporate/production infrastructure and customer-facing managed networking and security solutions.
This is a high-impact leadership role responsible for establishing the guardrails, reference architectures, and assurance models that allow the business to scale rapidly without accumulating unacceptable risk.
The Mission
* Architectural Ownership: Define security reference architectures for corporate, production, and platform layers (UCP/UAP/UOP), establishing clear trust zones between management planes and customer environments.
* Identity & Access (IAM): Own the IAM strategy, including SSO, RBAC/ABAC, privileged access models (PAM), and break-glass procedures for both humans and automated workloads.
* Secure Platform Patterns: Specify security-grade observability requirements and define guardrails for secure automation, including secrets management and audit trails.
* Solution Hardening: Produce reference architectures and secure configuration baselines for major customer offers, such as managed firewalls, ZTNA/SSE, and observability services.
* Governance & Assurance: Integrate \"security gates\" into the product lifecycle and create customer-facing assurance artifacts (control statements and security posture summaries) to support the sales process.
What Success Looks Like
* Map the current security baseline and execute a pragmatic remediation roadmap.
* Ship standard \"security-by-default\" patterns for IAM, segmentation, and encryption that are actively adopted by Engineering and Ops.
* Measurably reduce material risks related to identity sprawl, privileged access, and logging gaps.
Who You Are
You are an enabling, not blocking architect. You are a systems thinker who understands blast radius and failure modes, with a commercial awareness of where security wins deals versus where over-engineering kills margins.
Core Requirements:
* Proven Experience: Significant security architecture experience spanning internal systems and customer-delivered managed services or SaaS environments.
* IAM Expertise: Deep knowledge of privileged access design and identity management for both users and automation.
* Infrastructure Competence: Practical experience with network segmentation, encryption, secrets management, and hardening in cloud/hybrid environments.
* Technical Communication: Ability to create implementable standards, decision records, and threat models that engineers can actually use.
High-Leverage Skills (Nice-to-Have):
* Experience in MSSP/MSP, Telecom, or Networking security (Firewalls, VPNs, SD-WAN).
* Experience building automated evidence pipelines for control monitoring.
* Familiarity with multi-tenant isolation patterns and supply chain security.