Must have the right to work in the UK.
Role Purpose
As a Security Architect, you will serve as a key technical expert within the Global Cyber and Information Security (GCIS) organisation. This role operates as part of a globally distributed team, with counterparts in the US and APAC regions.
Your primary responsibility is to define and develop security architecture frameworks, design patterns, reference models, standards, best practices, and technical specifications.
You will collaborate closely with Information Security peers, IT & Infrastructure teams, and business stakeholders across the enterprise to provide strategic and technical security guidance aligned with organisational goals.
Key Responsibilities
- Develop and maintain enterprise-wide security architectural standards, design patterns, and technical documentation.
- Continuously assess and recommend improvements to the global security architecture to enhance protection, manage risks, and optimise cost-effectiveness.
- Provide architectural oversight and consultation to project teams to ensure compliance with security standards and best practices.
- Design solutions that align security requirements with business objectives.
- Proactively identify architectural risks and recommend mitigation strategies.
- Lead evaluations of new security technologies, participate in proof-of-concept testing, and provide detailed assessments of proposed solutions.
- Foster collaboration with cross-functional teams to ensure security integration and architectural alignment.
- Partner with infrastructure, application, network, and business architects/engineers to ensure compliance with GCIS security standards and policies.
- Support security governance activities and contribute to risk mitigation initiatives.
- Occasionally assist with hands-on security configurations for commercial and internally developed systems.
Requirements
- Bachelor’s or Master’s degree in Computer Science or related field.
- Industry certifications such as CISSP, CISA, or GIAC preferred.
- Certification in architecture frameworks (e.g., TOGAF) is advantageous.
- Minimum of 3 years of experience with at least one major cloud provider (Azure, AWS, or GCP).
- Over 5 years of experience in networking, firewalls, endpoint security, identity and access management, and data protection.
- In-depth understanding of cloud service models (IaaS, PaaS, SaaS).
- Hands-on experience with industry-leading security tools across network, data, application, and cloud domains.
- Solid understanding and practical experience with compliance and security frameworks such as NIST CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR.
- Familiarity with enterprise architecture frameworks such as TOGAF.
Experience
- 5 to 10+ years of experience in cybersecurity.
- Demonstrated experience creating reference architectures, standards, and position papers.
- Proven track record of working within global, regulated environments.
Skills & Attributes
- Self-starter with a strong customer service orientation.
- Quick to understand and interpret complex technical information.
- Excellent verbal and written communication skills; able to present to both technical and non-technical audiences.
- Resilient, flexible, and capable of managing multiple demands—both planned and
- Effective multitasker with strong project and time management abilities.
- Practical problem-solver with a focus on actionable, realistic solutions.
Core Competencies
- Client Excellence – Understands client needs, manages conflict
- Innovation & Resourcefulness – Innovates, drives for results
- Teamwork & Interpersonal Skills – Communication, team collaboration
- Expertise – Business acumen, technical proficiency
- Integrity – Acts with integrity and builds trust
- Leadership – Vision, strategic thinking, change management, talent development
