Cyber Security Architect - Advanced Threat Response
We are seeking an experienced Cyber Security Architect, focusing on the Advanced Threat Response (ATR) solution, to be a part of the Architecture team. You will design and maintain end-to-end architecture for advanced threat detection and response across cloud, network, and endpoint environments. You will work cross-functionally to deliver scalable, secure, and cost-effective security architecture solutions within a complex enterprise environment.
What you'll do:
- Define requirements, evaluation criteria, and success metrics for automated offensive security testing platforms and red/purple team tooling
- Lead vendor evaluations, proof of concepts (PoCs), and comparative product assessments
- Architect integration approaches, workflows, and security telemetry pipelines
- Produce detailed implementation plans, runbooks, and operational handover artefacts
- Coordinate tool onboarding, configuration, tuning, and validation
- Design scalable deployment patterns (including SaaS models, multi-tenancy, credential handling, and high availability architectures)
- Support purple team exercises and adversary emulation planning, translating red team findings into engineering controls
- Ensure security, risk, and compliance requirements are embedded throughout tool selection and operation
- Maintain vendor relationships, roadmap alignment, and manage lifecycle/replacement decisions
What you'll bring:
- Strong background in security engineering, offensive security, or security architecture
- Hands-on experience evaluating and deploying enterprise security tooling
- Strong Linux administration skills (system hardening, service management, troubleshooting, network tuning, secure baseline implementation, orchestration)
- Practical cloud management experience, including CI/CD pipeline design and implementation
- Proven experience running vendor evaluations and PoCs for enterprise security platforms
- Strong understanding of offensive techniques mapped to detection capabilities (aligned to MITRE ATT&CK)
- Experience integrating security tooling outputs into SIEM platforms and broader security workflows
- Experience with tools such as SafeBreach, BloodHound, Microsoft EASM, or similar technologies is highly desirable
- Experience working within the Banking and Financial Services industry
- Relevant cloud certifications, particularly Google Cloud Platform
- Exposure to ML, AI, and data tooling within GCP environments
- Ability to work effectively across IT, DevOps, and Compliance teams to implement security controls
- Experience working in agile or iterative delivery models
- Right to work in the UK is mandatory for this role
Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates