Security Architect - 3 Month Contract
Hybrid
Leeds, United Kingdom
Freelance
17-04-2025
Job Specifications
Who we are
CreateFuture is fast becoming the UK’s most recognisable digital consultancy, with years of experience building digital products and services for major organisations whilst putting our people first. We have offices in the centre of Edinburgh, Leeds, Manchester, and London as well as remote employees located throughout the country.
We are a team of creators - whether that’s code, project plans, go to market strategies, culture initiatives, marketing campaigns, large language models or people policies. And together, with our clients, we create the future. This has seen us collaborate and partner across a multitude of industries and sectors, with the likes of PayPal, adidas, Natwest, FanDuel and Money Saving Expert, to name just a few.
Our reputation as a partner determined to deliver high-quality, robust and thoughtful products has enabled us to scale to over 500 people in the last couple of years, and it is our amazing people - along with the safe, supportive and friendly culture we have built - that makes CreateFuture a great place to work. Don’t just take our word for it though, we have been recognised by Best Workplaces UK multiple years in a row - across a number of categories - and our employee exit rate is astonishingly low.
Join us on our journey… Let’s create something awesome, together, today.
About the role and team:
We’re looking for an Enterprise Security Architect to join CreateFuture, this is an exciting opportunity to bring your security expertise into a fast-paced, agile environment, where you'll shape and deliver secure, scalable solutions that drive real impact. You’ll be embedded within a collaborative client team, acting as a trusted advisor and technical authority on all things security — from risk assessments and architecture design to embedding best practices and future-ready solutions.
You’ll be supported by our diverse and experienced consultancy team at CreateFuture, while working hands-on with the client to push boundaries and solve complex challenges.
What you'll be doing:
Act as a security technical authority across key projects and services.
Define and develop security requirements, patterns, and architectural blueprints.
Assess risks and threats to systems and ensure security controls are embedded.
Collaborate with architects, engineers, and product teams to design secure solutions.
Translate regulatory requirements into practical, effective security designs.
Use Agile methodologies to manage work via Epics, User Stories, and Tasks.
Support proof of concept/value work for new technologies and platforms.
We'd love to talk to you if:
Solid experience in enterprise security architecture and hands-on InfoSec roles.
Proven ability to design and implement security solutions across complex environments.
Strong knowledge of risk, threat modelling, and regulatory standards (e.g. NIST, ISO 27001, GDPR, PCI-DSS).
Familiarity with tools like Sparx EA, Archi, JIRA, Confluence, GitLab, and AWS.
Ability to engage confidently with technical and non-technical stakeholders.
Security certifications such as CISSP, SABSA, CISM, GIAC, or CEH are a plus.
Next steps:
Our TA team aims to respond to all applications within a reasonable timeframe, regardless of if we are progressing with your application.
Our process:
30 minute call with our Talent Acquisition Team
1-hour Technical interview
We believe that representative teams made up of people with different backgrounds, skills, and points of view help us build the best workplace possible, and enable us to create genuinely innovative, broadly useful products.
We are committed to our goal of creating the most inclusive workplace possible. As we strive to build an environment where everyone can thrive and be themselves, we will continue to investigate and challenge biases, while working to identify and remove obstacles to inclusion. If you need additional support or accommodation during the application process, please don’t hesitate to let us know.
About the Company
CreateFuture was built to take action. With our 500-strong team of software engineering, strategy and design experts, across Edinburgh, Leeds, London and Manchester, we’re determined to get you exactly what you need. As with our past clients, we get to the root of your challenge and do everything it takes to create positive solutions by building digital products and services that solve problems. With years of experience helping catalyse major organisations into action, our rapid growth has been driven by people who seek t... Know more
Related Jobs
- Company Name
- Stott and May
- Job Title
- Azure AD Consultant (Security Cleared)
- Job Description
- Azure Active Directory Consultant (Azure AD) *candidates must hold an ACTIVE and transferable SC* Start: 2nd June Duration: initial 9-weeks Pay: negotiable, inside IR35 Location: ad hoc travel (minimal, must be commutable to central London) We're looking for a specialist engineer to lead a key identity and access management project for a client. You'll be responsible for designing and deploying a secure, best-practice solution to separate high-privilege user accounts across a hybrid On-Prem Active Directory (AD) and Microsoft Entra environment. What you'll be doing - Investigate the current hybrid AD/Entra setup and user provisioning process using Microsoft tools. - Identify all existing privileged users and roles across On-Prem and cloud environments. - Design and test a secure, compliant solution for privileged account separation in line with NCSC and Microsoft guidance. - Conduct user group testing and ensure minimal disruption during rollout to 30-150 users. - Support deployment, produce high-quality technical documentation, and create clear summary reports for client approval. What you'll need - Strong expertise in Active Directory (OU design, GPOs, Tier-0 models). - Advanced knowledge of Azure AD/Microsoft Entra ID, including role and identity management. - Hands-on experience with Azure AD Connect, including filtering, sync issues, and admin disentanglement. - Familiarity with Privileged Identity Management (PIM), JIT access, and PAW deployment. - Solid understanding of zero-trust security, least privilege, and change management principles. - Experience writing technical documentation, test plans, and client-facing reports. - Excellent communication and interpersonal skills, with the ability to manage multiple priorities and stakeholders.
- Company Name
- Public Sector Resourcing
- Job Title
- Security Architect
- Job Description
- On behalf of the Met Office, we are looking for a Security Architect (Inside IR35) for a 6 month contract based in Exeter office once per month. As the Security Architect within the Security Operations team of the Met Office’s Cyber Security Department, you will design and implement security solutions that protect Met Office digital services. You'll advise on enterprise security initiatives to further enhance our cyber security posture, safeguarding systems that are essential to public safety and national security. This role requires close collaboration with our Security Operations Center and Vulnerability Management teams to continuously improve our security services. This role will specifically support the deployment of our Network Detection and Response solution. As a Security Architect, your main responsibilities will be: * Design and implement enterprise security solutions for on-premises and cloud-based systems by applying technical architecture, risk management, and threat analysis to create solutions that are resilient from attack * Assess and improve security postures to address evolving cyber threats, keeping our operational defences proactive and effective by identifying risks and closing gaps * Develop security solutions that enhance our ability to protect, detect and respond to, and recover from cyber incidents * Lead and coach teams on cyber security practices, technical excellence, while fostering a culture of collaboration and personal development * Assess risks related to proposed changes and recommend security controls that support business objectives Essential: * Experience in designing and successfully delivering technical designs from concept to completion using standardised control frameworks (such as 27001/2) appropriately * Ability to develop and communicate security concepts (vision, principles, and strategy) that manage security risks to information, systems, and processes that support the delivery of balanced and cost-effective risk management decisions * Experience communicating security and risk effectively, apply security principles to business requirements to provide confidence * Ability to lead and coach personnel across departments on cyber security best practice to ensure common tools and patterns are used effectively to deliver secure solutions with proportionate controls to enable business outcomes. * Knowledge of industry security solutions including network detection and response, security information and event management, extended detection and response, threat intelligence and vulnerability management. Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a member of the Disability Confident Scheme, the Met Office guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".
- Company Name
- Searchability NS&D
- Job Title
- Security Architect
- Job Description
- SECURITY ARCHITECT – OUTSIDE IR35 NEW OUTSIDE IR35 CONTRACT OPPORTUNITY AVAILABLE FOR A SECURITY ARCHITECT IN FARNBOROUGH Searchability NS&D has a permanent opportunity for an Security Architect to work across an exciting range of projects Must have active MOD DV Clearance Day rate up to £675 Outside IR35 Role is based in Farnborough – 3/4 days on site per week For more details please call me on 07842 002 256 or email shaun.varley@searchability.com WHAT WILL THE SECURITY ARCHITECT BE DOING? Risk Management within a Defence and Security Sector; Security / Cyber architectures are proportionate to the GSC of the systems; Security architectures are delivered in conjunction with other IT Architects and SMEs; Apply security design specifics to develop the security architecture; Strategic direction of Security projects; Producing evidence to meet various MOD regulations; Designing options and solutions to mitigate vulnerabilities; Working with various teams across the business including Software Engineering, DevSecOps Engineering, Infrastructure Engineering, Agile and Cyber Security; and Either holds or has recently held government security clearance already, or is suitable for and willing to go through the vetting process (suitability would include an absence of a serious criminal record, a right to work and live in UK and, preferably, a record of 5 years’ UK residency), SKILLS & EXPERIENCE DESIRED: Able to perform Risk management using industry approved methodologies (such as NIST 800-53). Identification of suitable risk management activities (technical, physical, or procedural) to treat /mitigate the identified risks; Support development in a secure by design methodology; Be able to work at a technical level with teams; Identification / design / selection of appropriate security components to provide security enforcing functions (e.g. network, endpoints, cryptography, authentication, authorisation, data inspection etc) for a variety of infrastructures including cloud environments; Legal and regulatory topics that merit consideration when conducting various activities in the field of cyber security; Creation of security documentation to support the development of a system, these could include: security Aspects, Risk Assessment, Risk Management, Security Policies, Security Test Plans/Results, Evaluation documents; Knowledge of JSP 604 / 453 and creation if assurance artefacts; and High standards in written report and design documentation. DESIRABLE: Knowledge and experience of Agile, DevSecOps, CI/CD principles and their application in secure environments Appreciation of the constraints and requirements imposed on development within secure, safety critical environments Concepts and technologies that are used to engineer systems which inherently protect systems; Understanding of MOD and other departmental IT in defence and security Experience of working with MOD Accreditors; and Knowledge of Onsite / project tech stack includes but is not limited to Azure, AWS, Docker, Kubernetes, Apache (NiFi, Kafka), NodeJS, Typescript, MongoDB, AI, Machine Learning etc. TO BE CONSIDERED…. Please either apply by clicking online or emailing me directly to shaun.varley@searchability.com - I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Shaun Varley. I look forward to hearing from you. SECURITY ARCHITECT KEY SKILLS: SECURITY / ARCHITECT / DEFENCE / GOVERNMENT / SECURITY CLEARED / SECURITY CLEARANCE / SECURITY CHECK / DEVELOPED VETTING / DEVELOPED VETTED / DV CLEARED / DV CLEARANCE / DEEP VETTED / DEEP VETTING
- Company Name
- Harvey Nash
- Job Title
- Network Field Engineer
- Job Description
- Network Engineer| 12 Month Contract (TBC) | (Outside IR35) | Hybrid (Edinburgh) | Starting ASAP Market Rates You will be a Network Engineer with extensive practical day to day and some strategic Cisco switching and routing experience with a CCNA certificate at minimum. Though experience in Palo Alto, F5, Collaboration, VPN, Windows and Linux is advantageous. You need to be technically skilled and have the drive and the ability to be proactive to deliver results as part of the overall change programme. You will need to be able and experienced in travelling to all parts of Scotland, this includes some days at the weekend and at nights will be required to deploy our SD-WAN solution as well a nationwide LAN upgrade program. Promoting best practice in network management you will ensure that policy and procedures maintain quality assurance levels of a high standard. Main Duties: The key focus for this role at the start is to focus on the following projects: Deployment of SD-WAN solution to 50+ sites in Scotland, upgrade of estates wide LAN hardware/software (Triage of site failures over 50+ sites), Wi-Fi system upgrade (New controllers, AP's, expansion of coverage etc). More projects are in the works so there is scope for more works around F5, Data centre movement, management systems, VPN change to come. Programme Delivery Consult in the delivery of a design and strategy around managing a large multi-site network including SDWAN, WiFi and LAN active projects leading to you implementing said designs. Provide effective, timely and accurate advice and sound professional judgement to colleagues on networking/infrastructure design ensuring design principles are adhered to, Represent Change and Digital Innovation (Networks team) at meetings both internal and external in relation to the change programme. Consult on the overall network roadmap based on the 3 year and 5 year business plan. Provide technical design consultation to DDIA and network security. Policy and governance Ensure design compliance within PSN networks and the appropriate policies and procedures Advise best practice to Coordinate, maintain and develop existing systems to meet the needs of the business and supported Justice Partners as part of the change programme Communication Consult with operational colleagues to identify improvements to service provision to meet the ongoing and future needs of the client Attend meetings and network events as required and identify and share best practice methods Attend CAB (Change Authority Board) meetings when required to further explain submitted/proposed Network changes in line with the change programme. Ensure all collateral required by Project Managers is provided within agreed timescales. Service Development Consult with others within the business and outside agencies to continuously improve service provision and make suggestions for improvements to systems and processes based on the network roadmap. Keep current with market trends and new products in area of your specialism. Essential Skills & Experience: Proven up to date experience of Cisco equipment (2960X/XR, 4500, 9000 series as well as Nexus Switches), ideally supported by a recognised network certification. Knowledge of troubleshooting physical network site infrastructure Experience of building, managing and maintaining high availability networks with Cisco devices Working knowledge or experience in some or all of the following subjects: Cisco Networking, Unified Communications, WLC, F5 VPN, F5 Silverline/XC, IPsec tunnel and Palo Alto Firewalls. Experience of running, using and implementation of network monitoring solutions Experience of designing load balancing services Ability to work in partnership with IT colleagues and operational colleagues This role has been deemed Outside IR35 by the client. Applicants must hold, or be happy to apply for, a valid Basic Disclosure Scotland. Please click the link to apply.