Security Architect
Duration: 12 months
Location: Hybrid / 1 day PW on-site in Croydon
Umbrella Only
Due to the urgency and sensitivity of the work, active SC Clearance is mandatory.
Responsibilities
* Design and implement secure architectures across applications, platforms, and infrastructure
* Define and apply security architecture patterns, including Zero Trust and defence-in-depth strategies
* Lead security design for cloud-based solutions (AWS, Azure, and/or GCP)
* Architect and govern identity and access management (IAM), including authentication, authorisation, and privileged access
* Design secure network architectures covering encryption, key management, and secure connectivity
* Embed application security principles, including secure APIs, data protection, and threat modelling
* Ensure systems are designed for security resilience, availability, and risk mitigation
* Collaborate with engineering, platform, and delivery teams to embed security across the lifecycle
Must-Have Skills & Experience
* Proven experience working as a Security Architect in complex environments
* Strong expertise in secure architecture design across enterprise systems
* Solid understanding of Zero Trust, defence-in-depth, and modern security patterns
* Hands-on experience designing security for cloud platforms (AWS, Azure, and/or GCP)
* Deep knowledge of IAM, authentication, authorisation, and privileged access management
* Strong background in network security, encryption, and key management
* Experience with application security, including threat modelling and secure data flows
* Ability to design systems with security resilience built in
* Active SC Clearance
Nice-to-Have Skills
* Hands-on experience with cloud security tooling (e.g. AWS Security Hub, Azure Defender, Sentinel)
* Experience securing containers and Kubernetes (image scanning, runtime protection, policy enforcement)
* Exposure to regulated or highly secure enterprise environments
* Security or architecture certifications such as CISSP, CCSP, TOGAF, AWS/Azure Security Specialty
* Familiarity with SIEM, security monitoring, logging, and observability tools
* Experience embedding security controls into DevOps and SRE practices
#J-18808-Ljbffr