Enterprise Security Architect

Security Architect / Senior Enterprise Security Architect (Contract)

Hybrid – Central London (4 days onsite); occasional site travel for workshops

6-month initial contract (likely extension), ASAP start

Day Rate:

  • Security Architect: £575 per day inside IR35
  • Senior Enterprise Security Architect: £690 per day inside IR35

Overview

Our client is seeking two experienced Security Architects (mid-senior and senior levels) to support a major enterprise-wide security transformation programme centred on the implementation of CIS Critical Security Controls (v8).

You will play a key role in transitioning the organisation from its current security posture to a modern, CIS-aligned, security-by-design operating model, spanning cloud, infrastructure, and business systems.

Depending on your level, you will either:

  • Drive implementation and domain architecture (Security Architect), or
  • Lead enterprise strategy, governance, and roadmap ownership (Senior Enterprise Security Architect)

Responsibilities

✅ Core Responsibilities (Both Roles)

  • Design and implement security architectures aligned to CIS Controls v8
  • Conduct security maturity assessments and gap analysis
  • Embed security-by-design principles across engineering, DevOps, and infrastructure
  • Support integration of SIEM / SOAR, EDR/XDR, IAM platforms & vulnerability management tools
  • Develop architecture artefacts, standards, and implementation patterns
  • Perform threat modelling and risk analysis
  • Engage stakeholders and communicate risk in business terms

Additional Responsibilities – Senior Enterprise Security Architect

  • Own the end-to-end CIS Controls transformation roadmap
  • Define enterprise-wide security policies, standards, and governance
  • Lead multi-cloud security architecture (AWS, Azure, GCP)
  • Act as primary security SME for executive leadership
  • Drive large-scale cross-functional programmes
  • Establish KPIs and reporting for board-level visibility

Key Skills & Experience

✅ Core Requirements (Both Roles)

  • Strong experience implementing CIS Critical Security Controls
  • Deep knowledge of Zero Trust Architecture; IAM (RBAC/ABAC, Entra ID, Okta, Ping); network segmentation / micro-segmentation; endpoint security & EDR/XDR
  • Experience with CIS Benchmarks and system hardening (Linux & Windows)
  • Strong cloud security experience (Azure essential)
  • Familiarity with SIEM platforms (e.g. Sentinel, Splunk) and vulnerability tools (Tenable, Qualys, Rapid7)
  • Experience implementing automation / IaC (Terraform, Ansible, Bicep)
  • Excellent stakeholder communication skills

Additional Experience – Senior Enterprise Role

  • 10+ years' cybersecurity experience, with 5+ in senior/lead architecture roles
  • Proven ownership of enterprise security strategy and transformation programmes
  • Experience designing security across multi-cloud environments
  • Strong experience in governance frameworks (NIST, ISO 27001, SOC2), policy and controls design at enterprise level
  • Ability to operate at executive and board level

Nice to Have Certifications

  • CISSP / CISM / CCSP
  • CIS Controls Practitioner (CCP)
  • TOGAF (Senior role)
  • Cloud security certifications (AWS / Azure / GCP)

What We’re Looking For

We’re looking for architects who can go beyond theory and compliance checklists:

✔ Deliver practical, scalable CIS control implementations

✔ Prioritise using CIS Implementation Groups (IG1–IG3)

✔ Define clear, measurable KPIs

✔ Drive automation-first security at scale

If you’re a hands-on Security Architect or a strategic Enterprise Architect with CIS expertise, we’d love to hear from you. Please apply promptly to be considered for either role.

Job Details

Company: Queen Square Recruitment
Location: London, UK