Principal Security Architect, Consulting

The Security Architect will be responsible for designing, implementing, and maintaining the security architecture of the client's IT systems and networks. The Security Architect will work closely with other IT teams, business stakeholders, and external partners to ensure that the security policies, standards, and best practices are aligned with the organization's goals and objectives. The security architect also monitors and evaluates the security posture of the organization and recommends improvements and enhancements to mitigate risks and threats.

• Shaping, leading and delivering value through technology advisory consultancy and through guiding transformational delivery engagements
• Strong stakeholder management and relationship building skills at senior levels that will enable consensus building and shaping technology direction
• Leading in the development and presentation of client proposals collaborating with teams across our business
• Leading in the development of collateral to support Technology Consulting 'go to market' propositions and service offerings
• Farming of accounts - working with account teams to support opportunity identification, qualification and sales
• Contribute to the development of practice members' skills to ensure a consistency of service delivery and expertise. Active coaching and mentoring of junior members of the team
• Develop, implement and continually refine a coherent approach and appropriate frameworks to support business transformation proposals, that includes presentations, specimen RFI/RFP content, methodologies, toolkits and deliverables.
• The Security Architect will have a strong foundation in the design of identity and access management, web service security, and data protection solutions implemented in a Java and AWS environment. They will have experience of creating high-level designs (HLDs) from non-functional requirements, following policies, standards, guidelines, and best practice security-by-design principles. They will own the design and be able to defend design choices at architecture assurance forums (e.g., TDA).
• The Security Architect must be comfortable drafting documents, preparing presentations, researching IT architecture and technology topics, and providing oversight to development teams. They must have the ability to abstract complex themes, problem solve, distil key discussion points, organise work, deliver to tight deadlines, and communicate with non-technical and technical stakeholders.

• Architecture design (HLD, SAD)
• Cloud-native (Microservice, EDA)
• Amazon Web Services (AWS)
• Security Web Gateway (WAF, API Gateway, Nginx)
• Identity & Access Management (IAM, WSO2)
• Key management (KMS, Entrust)
• Database security (RDS, PostgreSQL)
• Network security (GardDuty, Shield)
• Security frameworks (e.g., OWASP, NIST)
• UK legislation (e.g., DPA, UK GDPR)
• Agile methods (SCRUM)
• Sparx EA (UML)

• CISSP, CISM or SABSA Certified
• AWS Certified Security Specialty
• Java security (e.g., JCA, JAAS, JSSE)
• Security technology (e.g., ZTNA, SEIM, XDR, EDR)
• Familiarity with TOGAF

• Candidates must hold or be able to gain UK SC level Security Clearance or higher.
• Can only accept applications from British passport holders who meet this criteria.