Security Architect

Hybrid

London, United Kingdom

Full Time

16-04-2025

Share this job:

Score my CV Apply

Job Specifications

APPLY HERE: Security Architect

What you'll be doing:
Develop, deliver and continually enhance a coherent approach to the design of secure client end-to-end solutions
Develop secure conceptual, logical and high level designs by identifying appropriate security controls to be embedded in solutions that meet business requirements whilst evidencing alignment to the target risk appetite.
Own the design and be able to articulate and justify design recommendations at security architecture assurance gates
Draft design documentation, options papers, risk assessments, stakeholder presentations and be able to effectively communicate these to both senior technical and non-technical stakeholders
Contribute to a reference architecture of established patterns, principles and guidelines
Research emerging technologies, new products and be able to position these in a coherent manner against the developing threat landscape and client risk appetite
Ability to distil complex information and concepts into key discussion points that identifies a path to resolution rather than only the identification of challenges
Contribute to the development of the Security Practice skills and capabilities to ensure consistent high quality of service delivery and expertise. Active coaching and mentoring of junior members of the team
Leading in the development of collateral to support Security Consulting ‘go to market’ propositions and service offerings.
Leading in the development and presentation of compelling client proposals collaborating with teams across our business.
Strong stakeholder management and relationship building skills at senior levels that will enable consensus building in the shaping of secure client solutions
Shaping, leading and delivering value through security advisory consultancy and through guiding secure transformational delivery engagements.
Providing security expertise across security standards and accreditations, measure and control the effectiveness of the security controls framework and maintain the Information Security Management System.
Deriving and delivering documented Information Security Management Plans which incorporate Regulatory, Legal and Compliance in relation to applicable security policies. Standards and guidelines
Assiting with the identification of identified risks and emerging cyber security vulnerabilities and threats. The subsequent analysis to quantify and lead risk mitigation plans
Work with Service Management to ensure that partners and suppliers adhere to agreed standards, policies and verify/evidence appropriate compliance and security KPIs
Work closely with 1st, 2nd and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy including regulatory and compliance considerations
Lead the development and enhancement of governance, risk and compliance aligned to policy, standards an industry good practice
Ensure that continuous assessment, identification, analysis and reporting of useful metrics to enable informed risk based decisions to be taken
Constructively challenge established processes and controls to identify, recommend and facilitate continuous improvement, ensuring that all personnel (including senior stakeholders) understand their responsibilities in relation to security risk mitigation and remediation
Review and verify that documentation relating to process and technical security controls are maintained

What experience you'll bring:
Minimum of 5 years’ experience in a multi-tiered IT enterprise environment / Governance, Risk and Compliance role
Minimum of 5 years’ experience in a Governance, Risk and Compliance role
A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes
Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines
Good knowledge of networking (switching, routing, firewalls)
Experience with the design concepts associated with adoption of Cloud platforms (AWS and/or Microsoft Azure)
An understanding of the native security capabilities and good practice within Cloud platforms (AWS and/or Microsoft Azure)
In-depth knowledge of modern security concepts, common attack vectors, malware, security analytics and threat intelligence.
A good understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE)
Experience working with security standards such as ISO 27001, 27002, 27017, 27108 etc

DESIRABLE SKILLS AND EXPERIENCE
CISSP, CISM, CCSP, CRISC or equivalent experience
Good knowledge covering several of the following examples (this list is not exhaustive): AD, Cryptography, End User Computing, IAM, PKI, Server hardening, SIEM, SOAR, virtualisation (VMware)
Participate in pre-sales tasks and perform ongoing support of delivery collateral.
Familiarity with MITRE ATT&CK
Familiarity with ITIL

Who we are:
We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA

What we'll offer you:
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a Disability Confident Committed Employer - we want to see every candidate performing at their best throughout the job application and interview process, if you require any reasonable adjustments during the recruitment process, please let us know and we look forward to hearing from you.

We are proud supporters of Women in Data®. Connect, engage and belong to the largest free female data community in the UK – visit: www.womenindata.co.uk to join our community.
“Stay connected! Follow us on LinkedIn for updates on career opportunities and more.”

About the Company

Women are hugely under-represented in the Data industry – as things stand, male Analysts and Data Scientists outnumber their female colleagues 4 to 1. Addressing this imbalance isn’t just the right thing to do ethically. Data shows that everything from workplace satisfaction, to business profitability significantly improve when an organisation strives for greater diversity and inclusivity. Women in Data® plays a key role in driving for more accurate representation wherever data is being gathered and analysed. We provide t... Know more

Related Jobs

Company Name: ASOS.com
Job Title: Senior Security Engineer
Job Description: Company Description We’re ASOS, the online retailer for fashion lovers all around the world. We exist to give our customers the confidence to be whoever they want to be, and that goes for our people too. At ASOS, you’re free to be your true self without judgement, and channel your creativity into a platform used by millions. But how are we showing up? We’re proud members of Inclusive Companies, are Disability Confident Committed and have signed the Business in the Community Race at Work Charter and we placed 8th in the Inclusive Top 50 Companies Employer list. Everyone needs some help showing up as their best self. Let our Talent team know if you need any adjustments throughout the process in whatever way works best for you. Job Description As one of our Security Engineers, you are passionate about security and great engineering practises. You will join a multidisciplinary team, working together with other Security Engineers, Product Managers and Security teams. As an Engineer, you will design, build and deliver secure, high-quality enterprise solutions across numerous initiatives within the organisation, spreading your security knowledge to an ever-expanding engineering community, increasing our security posture and helping identify and reduce our risk exposure when building applications. You will use your strong software/platform engineering skillset to help design and build tooling and integrations across a wide range of areas. You will gain deep knowledge on automated security tools and support the delivery and maintenance of these tools to empower engineers to build high quality, secure applications with minimal disruption to their delivery. Your impact will be felt within Cyber Security and wider by our tech communities, engineers and operations teams. Responsibilities Drive security efforts across ASOS Engineering (SecDevOps, Secure SDLC) through building scalable security tool integrations into the developer’s workflow. Provide documentation, training, guidance and support to teams using our tools. Develop tools, services and scripts to support with internal Security projects. Support with security risk decisions and influence technical architecture. Support with Application Security Assessments (incl. Threat Modelling, Attack Surface Analysis, Application Security Architecture Reviews and Security Code Reviews) where required. Support with security training around Security Best Practices. Understand and support teams with adherence to regulations (e.g. GDPR, PCI-DSI) Defining and explaining security non-functional requirements for development teams. Ability to articulate mitigation and development techniques around emerging threats to technical and non-technical stakeholders Work with other Security Engineers on collaborative projects and deliverables that support other Security & Fraud functions and business needs. Stay updated on emerging security threats, industry trends, and evolving technologies. Qualifications About You Experience in Cloud Security, Platform Engineering, Software Engineering, or related fields, with an emphasis on automation, DevOps practices, and tooling. Strong background in scripting and automation within a DevOps or continuous delivery environment. Solid understanding of key security scanning practices, including static and dynamic analysis, dependency and infrastructure scanning, and credential detection. Hands-on experience implementing application security tools and practices. Experience developing applications, scripts, pipelines, or automation using modern programming languages, containerization, and orchestration tools. Good grasp of object-oriented programming principles and commonly used programming languages. Familiarity with APIs, including REST and GraphQL. Strong communication and collaboration skills. Experience working within agile methodologies and an understanding of the software development lifecycle, including secure development practices. Knowledge of DevOps/DevSecOps principles, security best practices, and fostering a culture of security within development teams. Additional Information BeneFITS’ Employee discount (hello ASOS discount!) ASOS Develops (personal development opportunities across the business) Employee sample sales Access to a huge range of LinkedIn learning materials 25 days paid annual leave + an extra celebration day for a special moment Discretionary bonus scheme Private medical care scheme Flexible benefits allowance - which you can choose to take as extra cash, or use towards other benefits

London, United Kingdom

Hybrid

Full Time

06-05-2025

Company Name: dnevo Partners
Job Title: Cyber Security Specialist
Job Description: Our client, a city-based commodities business is seeking a Cyber Security Specialist to join this fantastic team. The role reports into the Into the Information Security Manager (ISM). Role Scope: Support the ISM in managing the confidentiality, integrity, and availability of electronic information, working within the Operational Resilience team. Enforce policies, support procedures, ensure regulatory compliance, and collaborate with various departments on security-related initiatives. The role is ideal for someone with technical expertise in cyber incident response and analysis. Key Responsibilities: Support Cyber Security Operations, Incident Response and Investigations. Enforce security policies and ensure regulatory compliance. Analyse security data using Excel, Python, and PowerBI. Conduct IT security risk assessments and basic security analysis. Respond to security incidents and document findings. Collaborate with IT, legal, and compliance teams. Maintain security documentation in Confluence and Jira. Develop and deliver security training programs. Manage vulnerability scans and penetration tests. Ensure compliance with GDPR, DORA, FCA, NFA, MAS & ACPR. Provide security updates to IT Risk Committee. Engage in professional development and obtain certifications. Create and deliver security presentations. Develop and monitor security KPIs and KRIs. Maintain the ICT Risk Management Framework. Create findings within the risk register, and track to resolution Assist with audits and operational resilience activities. Qualifications: Bachelor’s degree in Information Security, Computer Science, or related field. Experience in Cyber Security Operations with a track record in Incident Response and Investigations. Experience with Microsoft Defender and Sentinel. Knowledge of security analysis and incident response. Preferred experience in financial services information security. Proficiency in Excel, Python, PowerBI, PowerPoint, Confluence & Jira. Understanding of ISO27001, NIST CSF & CIS frameworks. Strong analytical, communication, and teamwork skills. Skills & Experience: 5+ years in enterprise cybersecurity IT, with Cloud and On-premise experience. Incident Response and Investigations experience. Microsoft Security certifications or equivalent (MS365 / Azure). Knowledge of modern operating systems, networking protocols, and cyber risks. Ability to manage multiple projects and maintain confidentiality. Effective communication skills for technical and non-technical audiences. Proficiency in MS Office and data visualisation tools like Power BI. Continual professional development and certifications (CISSP, GIAC, CISA, CISM) desirable.

London, United Kingdom

On site

Full Time

06-05-2025

Company Name: Meta
Job Title: Director, Network Production Engineering
Job Description: Working in an organization that owns its destiny (alt: Work in an organization with an E2E approach): Network Infrastructure is responsible for designing, building, and operating one of the largest networks in the world, which connects 3.2 billion people daily. This scale presents a unique opportunity to ensure high performance, robustness, and scalability in Meta's networks within data centers, global backbone, edge networks, and global CDN.- Opportunity to shape the future of mobile and fixed networks: We closely partner with Connectivity Service Providers (CSPs) globally to improve the state of the art technologies to ensure Meta's Family of Apps (Instagram, Facebook, Whatsapp, Messenger, and others) and Reality Labs products perform well over Mobile and Fixed (Wi-Fi) networks as they’re used by billions of people daily.-Making a dent in the way people experience Meta’s products: To ensure Meta's and CSPs network deliver traffic most efficiently, you will work closely with various teams and partners across the industry to drive several programs that aim to improve the Quality of Experience (QoE) of Meta products and services across CSP networks (this includes domains such as Radio, Wi-Fi, Fixed access, IP transport, fixed and mobile core, cloud services, etc.). The right leader for this role will be connecting the dots between technical and commercial domains to develop solutions that create a positive outcome for various stakeholders. This role requires communication versatility as by design you’d interface with industry-leading partners, including hardware/software vendors, systems solution providers and leadership teams.We seek someone with a strategic, creative, collaborative, and entrepreneurial outlook who feels comfortable solving complex problems at scale in a highly cross-functional environment. Director, Network Production Engineering Responsibilities: Craft and execute technical strategies and roadmaps that align with Network Infrastructure’s overall business objectives this includes influencing CSPs/Telecommunication companies, understanding current technical and business pain points, developing a vision, and driving the team to execute against plans. Stay on top of developments in the telecom domain, including technology R&D, use cases, and hardware/software evolution, and use these to inform the organization’s strategic direction. Empower the team to be the driving force behind innovative solutions and improvements in connectivity with CSPs and across the industry. Lead and manage a technical organization, providing guidance and mentorship to other managers and individual contributors. Collaborate with cross-functional teams, including product management, engineering, commercial, policy, and legal teams, in launching technical solutions that meet business needs and are aligned with our partners. Communicate technical information effectively to technical and non-technical audiences, including C-suite, senior leadership and external partners. Manage budgets and resources for technical projects and initiatives. Use your influence to steer peers in the industry towards technical solutions that enhance Meta’s product and experiences that rely on CSPs Networks. Minimum Qualifications: BS or higher in Telecommunications Engineering, Computer Science, Electrical Engineering, or equivalent degree/experience. Strong technical expertise in software development, cloud computing, and telecommunications. Must be able to understand low-level mobile architectures & system dependencies. Understanding mobile telecom infrastructure system architecture, network design principles, and designing or deploying telecom networks. Familiarity with access, backhaul, or core networking technologies such as IP/MPLS networks, optical networking, cellular 2G/3G/4G/5G, etc. Track record of managing complex programs with multiple internal and external dependencies through the entire lifecycle, from inception to completion. Proven ability to create a leadership bench through external hiring and internal development. Demonstrated experience recruiting, building, structuring, and leading technical organizations, including performance management. Proven track record of leading and managing high-performing technical teams Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams and external partners Strong understanding of industry trends and emerging technologies, with the ability to identify opportunities for Network Infra and Meta to leverage new technologies to drive innovation and growth. Preferred Qualifications: Experience as technical leader at a large Telecommunication company Good understanding of audio and video calling applications and related technologies. Good understanding of content delivery networks (CDN) and their architectures. Experience in new product introduction and technology deployment projects covering a wide range of hardware (radio access, IP, Mobile, compute) and software (OSS, BSS, SDN) technologies. Good understanding of mobile and fixed broadband network operators (service offerings, organizational structures, challenges, procurement processes, competitive landscape, etc) Familiarity with EMEA’s telecom industry: standards, certification bodies, technology providers, etc. About Meta: Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics. Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta.

London, United Kingdom

On site

Full Time

06-05-2025

Company Name: Hymans Robertson
Job Title: Cyber Security Lead
Job Description: The Vacancy We currently have an exciting opportunity to join our IT department as a Cyber Security Lead, on a full time basis in our Glasgow office. What will your role look like? Our IT team is made up of enthusiastic and experienced IT professionals who provide innovative technology in a collaborative and supportive environment. This role sits within our IT networking and security team who are responsible for maintaining key cyber security technologies along with the underlying network infrastructure. For this role we are looking to recruit an experienced Cyber Security Lead, who would like the opportunity to expand their knowledge further in this area. You will be responsible for managing a small team of cyber security engineers, driving new cyber security initiatives, maximising the value we get from existing cyber security technologies including our M365 tenancy and assisting with colleagues and the IT Network & Security Manager to deliver the IT business plan. Our firm invests in the latest industry leading technologies to facilitate the delivery of our ground-breaking business solutions. We adopt integrated ways of working such as “DevOps” and employ Agile/Scrum methodology approach to manage our work. Though this is a varied role, your key tasks will include: Manage, mentor, and help to develop the cyber security team. Using Azure Devops, set and manage the teams project related and non-service desk tasks for the upcoming year. Manage, or act in an advisory capacity to members of the team for all service request tickets that relate to cyber security. Ensure the team comply with agreed service desk SLA’s. Look to adopt and get more value from our existing Microsoft Licensing Agreement. Work closely with the Security Operating Centre and Networking engineers, to drive security initiatives across the wider team. Participate in and deliver multi-discipline/cross team projects acting as the cyber security subject matter expert. Act as the technical lead and escalation point for all cyber security related queries. Research and advise on the latest cyber security best practises and solutions, make recommendations to the business where necessary. Provide a key technical mentoring capability to staff, participating in knowledge transfer and training sessions (a strong technical cyber security background is required for this role.) Ensure cyber security platforms are actively monitored and responded to in an appropriate way. Make use of automation tools to drive up efficiency, where possible. Technical involvement in scoping, researching, vendor selection, implementation, configuration, documentation and roll out of strategic security technologies – working with industry leading vendors. Work with fellow team members and the IT Network & Security Manager to build strategic partnerships and relationships with key vendors and suppliers. Evaluate emerging technologies in the marketplace and to raise a business case for adoption where tangible benefits can be brought to the firm. Continuous improvement – drive through identified improvements and/or additional controls and procedures as necessary to sustain our ISO-27001 and Cyber Essentials accreditation. Adhere to the firm’s Information Security standards, policies and procedures ensuring that they are embedded in everything that we do. Act in advisory capacity, to external audits and due diligence questionnaires. Key Technologies Strong practical knowledge of M365 stack from a security perspective (Defender, Azure) Vulnerability Management Web Application Filtering DLP Cloudflare Secure File Transfer Firewalls Remote Access/VPN PKI Infrastructure DNS Email Gateways Security Audits ISO27001 Cyber Essentials Desirable Technologies Azure DevOps (Scrum principles, Release Pipelines) Knowledge of Mitre Attack Framework Strong Networking Principals ITIL (Supervising Service Desk Queue) Strong Interest In all aspects of security Scripting (PowerShell, Python, Azure CLI, Yaml, etc) Microsoft Operating Systems (Desktop, Server) Exchange Online To succeed in and enjoy this role you are likely to have a real passion for and want to develop your career further within IT Security, you will currently be working at an architect level with a high level of experience in industry leading security products. In addition, you will be used to managing a small team of people. You should have experience (at a senior level) of implementing complex IT security projects and security infrastructure, ideally covering some of the specific technologies in our estate as well as sound document authoring skills. You will enjoy working as a part of a team and be adept at communicating complex technical concepts to the business and colleagues alike. Experience of working in an Agile/Scrum environment would be beneficial as would the ability to work in partnership with industry leading technology providers to deliver new projects. Qualifications Degree in IT, or relevant experience. The following IT Certifications would be advantageous (but not essential): Microsoft Certified Cybersecurity Architect Expert Microsoft - MCSE, MCSA, MCITP Security + Network + Checkpoint – CCSA, CCSE In addition to a competitive salary and access to our profit share scheme, we offer: A flexible selection of employee benefits, so you can choose a package that best matches your lifestyle and needs. A collaborative and encouraging work environment where your thinking and ideas are encouraged. On site mental health and wellbeing assistance. A commitment to helping you develop both personally and professionally, with mentoring opportunities and access to our award-winning learning portal, Aspire. Regular social activities, in addition to three days paid volunteering leave each year and a day’s leave to celebrate your birthday. Hybrid working so you can enjoy the positive wellbeing of working from home as well as the benefits of meeting colleagues in our sociable, modern office environments – with the expectation of two ‘in-office’ days per week. A flexible working window, allowing colleagues the freedom to work flexibly between the hours of 7am and 7pm. Please note, we recruit on a rolling basis so early applications are recommended to avoid disappointment. About Us Together, we’ve been building better futures for over 100 years. For our people, our clients and their people, our communities and the environment. We thrive on tackling complex problems. And we believe those problems are best solved by diverse teams – diverse in skills, approaches and backgrounds. Our independence lets our people be themselves and think freely, while working in a collaborative, supportive environment. We love innovative, independent thinking and want everyone to share their ideas. Working alongside employers, trustees and financial services institutions, we offer pensions, investments, benefits and risk consulting services, as well as data and technology solutions. With over 100...

Glasgow, United Kingdom

On site

Full Time

06-05-2025