Read all the information about this opportunity carefully, then use the application button below to send your CV and application.
Security Architect
2-3 days Bristol then rest remote
6 months likely extension
£600pd outside IR35
Active DV or SC clearance required
Key Responsibilities
Architecture & Design
* Develop secure architecture designs for container platforms (e.g., Kubernetes, OpenShift, Docker).
* Architect and strengthen security controls across virtualisation technologies, including VMware, Hyper?V, and cloud-native virtualisation frameworks.
* Produce high-quality HLDs/LLDs, security patterns, and architectural governance artefacts.
* Ensure designs align with NCSC guidance, industry best practices (e.g., CIS Benchmarks), and organisational policy.
Security Assurance
* Conduct security assessments and threat modelling against containerised and virtualised workloads.
* Validate platform configurations against security baselines, compliance frameworks, and risk appetite.
* Provide expert guidance during project delivery to ensure security by design principles are followed.
* Support accreditation activities and ensure all architectural documentation meets government standards.
DevSecOps & Platform Security
* Embed security controls within CI/CD pipelines.
* Advise on secure container image lifecycle management (build, scan, deploy, retire).
* Evaluate and implement tools for:
o Container security scanning (e.g., Trivy, Aqua, Twistlock)
o Runtime protection and workload isolation
o Secrets and identity management (Vault, KMS, etc.)
* Define security controls for ingress/egress, service mesh, and inter?container communications.
Stakeholder Engagement
* Work closely with engineering, infrastructure, and security operations teams.
* Act as SME for containerisation and virtualisation security.
* Communicate complex technical concepts to both technical and non?technical stakeholders.
* Influence and guide senior leadership on architectural decisions and risk.
Essential Skills & Experience
* Active SC Clearance (minimum).
* Proven track record as a Security Architect in large-scale or secure environments.
* Deep technical knowledge of:
o Kubernetes, Docker, and container orchestration platforms.
o Virtualisation platforms such as VMware vSphere/ESXi, Hyper?V, or KVM.
o Cloud platforms (AWS, Azure, GCP) and container services (AKS/EKS/GKE).
* Strong understanding of:
o Network and infrastructure security
o Zero Trust principles
o Identity and Access Management (IAM)
o Secrets management
o Workload isolation and micro?segmentation
* Knowledge of security standards and frameworks:
o NIST, ISO 27001, CIS Benchmarks
o NCSC Cloud Security Principles
o Government Security Classifications Policy
Desirable Skills
* Experience with OpenShift or enterprise Kubernetes distributions.
* Hands?on security tooling (Falco, Istio, Calico, etc.).
* Experience with SAST/DAST, SBOMs, and software supply chain security.
* Familiarity with automation tooling (Terraform, Ansible, Helm). xsngvjr
* Certifications such as:
o CCSK / CCSP
o CISSP
o CISM
o Kubernetes Security Specialist (CKS)
o VMware security-related certifications
If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.