MERITUS are recruiting for a Security Architect to join our client supporting critical Central Government and Defence programmes, delivering secure, resilient, and high-quality architecture solutions across complex enterprise and cloud environments.
Security Architect – 10 month contract – £900 per day (Outside IR35) – Andover – SC Clearance required.
Key Responsibilities
* Lead security architecture activities across complex projects and programmes within Central Government and Defence environments.
* Design and assure secure enterprise, cloud, hybrid, and on‑premises architectures aligned to business and technical requirements.
* Collaborate with multidisciplinary teams to ensure security considerations are embedded across the entire delivery lifecycle.
* Conduct security threat modelling, risk assessments, and security architecture reviews for critical systems and services.
* Develop and maintain security reference architectures, standards, principles, and best practices.
* Support IT Health Checks (ITHC), penetration testing exercises, and remediation activities.
* Provide technical security leadership and governance across development, integration, and delivery teams.
* Work with customers, stakeholders, and accreditors to define security requirements and advise on risk mitigation strategies.
* Ensure adherence to security frameworks, regulatory requirements, and industry standards including GDPR, OWASP, and NCSC principles.
* Support the design and implementation of DevSecOps pipelines, secure CI/CD processes, and automated security tooling.
* Contribute to enterprise security strategy, architecture governance, and continuous improvement initiatives.
* Support business development activities including bids, proposals, pre‑sales engagements, and client demonstrations.
* Identify emerging cyber security trends, technologies, and vulnerabilities, and assess their relevance to customer solutions.
* Provide mentoring, leadership, and guidance to junior architects and engineering teams.
* Communicate complex security concepts effectively to both technical and non‑technical stakeholders.
Skills & Experience
* Proven experience working as a Security Architect within Central Government, Defence, or highly regulated environments.
* Strong understanding of enterprise security architecture principles, methodologies, and frameworks.
* Hands‑on experience performing threat modelling, security risk assessments, and secure solution assurance.
* Experience designing secure cloud and hybrid architectures using Microsoft Azure and/or AWS.
* Strong understanding of DevSecOps, CI/CD security, and secure software development lifecycle (SSDLC) practices.
* Knowledge of secure architecture patterns, secure web application development, and API security.
* Experience implementing and governing security controls aligned to OWASP, NCSC Cloud Security Principles, and GDPR.
* Strong understanding of authentication and authorisation technologies including SAML, OAuth2, OpenID Connect, Active Directory, ADFS, and LDAP.
* Experience supporting penetration testing, vulnerability remediation, and IT Health Check activities.
* Experience working with multidisciplinary Agile delivery teams across complex technical programmes.
* Ability to engage with senior stakeholders and communicate security risks and architectural decisions clearly.
* Strong understanding of enterprise integration, infrastructure, and data security principles.