Description

Security Architect – 9 months – up to £(Apply online only)pday -hybrid)

Our client is looking for an experienced Security Architect to work in a hybrid capacity with 2 days on-site at either the London, Bristol or Manchester office

This is a 9 months role with a daily rate between £(Apply online only) pday inside IR35

Your role:

Design and work to continuously improve the security of our platforms and services

Develop and communicate meaningful security policies

Prioritise and deliver recommendations and improvements in response to incident reviews

Advocate for a risk based, outcome driven view of secure architecture

Identify and promote best practices for multidisciplinary teams to deliver robust, resilient, secure and scalable solutions

Facilitate team meetings, sizing and planning meetings, and incident reviews

Ensure the team has good processes in place

Communicate concerns, risks and issues with the broader team and senior management

Experience required:

Have a deep understanding and extensive experience in security-specific technologies and systems

Are exploring and identifying security options tailored to complex enterprise solutions, while assessing the risks associated with proposed changes

Are designing the security posture for federated, decoupled, and complex systems in cloud environments (AWS)

Have experience with network and boundary protection technologies, such as firewalls, gateways, antivirus solutions, and cross-domain systems

Have excellent understanding and experience in authentication and authorization technologies (e.g., SAML, AD, LDAP, OIDC, OAuth 2.0, Federated IdPs, RBAC/ABAC, SSO), as well as cryptographic frameworks and protocols (e.g., PKI, digital signatures, TLS/mTLS, and encryption algorithms)

Able to perform threat models for strategic application systems, identify security design flaws and technology weaknesses, and define security design requirements to address cyber threats

Have knowledge of securing container orchestration platforms (e.g., EKS, Kubernetes RBAC, network policies, Docker)

Have knowledge of DLP (Data Loss Prevention) solutions

Have knowledge of security frameworks and best practices (e.g., NIST, ISO 27001, CIS, NCSC, OWASP Web, API security)

Have knowledge of SIEM tools and real-time threat detection systems