Duration: 12 months

Location: Hybrid / 1 day PW on-site in Croydon

Umbrella Only

Due to the urgency and sensitivity of the work, active SC Clearance is mandatory.

Responsibilities

As a Security Architect, you will:

• Design and implement secure architectures across applications, platforms, and infrastructure
• Define and apply security architecture patterns, including Zero Trust and defence-in-depth strategies
• Lead security design for cloud-based solutions (AWS, Azure, and/or GCP)
• Architect and govern identity and access management (IAM), including authentication, authorisation, and privileged access
• Design secure network architectures covering encryption, key management, and secure connectivity
• Embed application security principles, including secure APIs, data protection, and threat modelling
• Ensure systems are designed for security resilience, availability, and risk mitigation
• Collaborate with engineering, platform, and delivery teams to embed security across the lifecycle

Must-Have Skills & Experience

• Proven experience working as a Security Architect in complex environments
• Strong expertise in secure architecture design across enterprise systems
• Solid understanding of Zero Trust, defence-in-depth, and modern security patterns
• Hands-on experience designing security for cloud platforms (AWS, Azure, and/or GCP)
• Deep knowledge of IAM, authentication, authorisation, and privileged access management
• Strong background in network security, encryption, and key management
• Experience with application security, including threat modelling and secure data flows
• Ability to design systems with security resilience built in
• Active SC Clearance

Nice-to-Have Skills

• Hands-on experience with cloud security tooling (e.g. AWS Security Hub, Azure Defender, Sentinel)
• Experience securing containers and Kubernetes (image scanning, runtime protection, policy enforcement)
• Exposure to regulated or highly secure enterprise environments
• Security or architecture certifications such as CISSP, CCSP, TOGAF, AWS/Azure Security Specialty
• Familiarity with SIEM, security monitoring, logging, and observability tools
• Experience embedding security controls into DevOps and SRE practices