Senior Software Security Architect
On site
Reading, United Kingdom
Full Time
22-04-2025
Job Specifications
About
We are searching for a Senior Software Security Architect / Senior Application Security Architect for a marketing leading and award-winning technology and data driven business.
The position is offered on a remote basis.
The role is hands-on and very software engineering focused - you will be responsible for establishing a secure SDLC and 'Secure by Design' approach/practice to be used by all of the Architecture and Software development teams.
The Role Will Involve
Developing, implementing, and maintaining application security architecture across the organisation. Ensuring our systems are designed with objectives like speed, scalability, robustness, zero-trust, automation and supportability at the core. Collaborating with the Architecture and Engineering Team to ensure security is an integral part of all development and deployment processes. Providing expert software security advice (design, coding, testing) to the Software Engineering Community, to InfoSec, DevOps and other teams. Defining and delivering secure software development of information to the software engineering teams. Escalating issues appropriately, to various teams and levels of authority inside the organisation. Interfacing with customers to ensure that security obligations are managed and met appropriately. About You
To be considered for this Senior Software Security Architect / Senior Application Security Architect role you will be able to demonstrate a successful track record and in-depth practical experience of the Software Development Life Cycle (SDLC) - you will have an excellent understanding of Software Development and Software Testing and you will have a strong understanding of multiple programming languages, such as, C++, C, C#, .NET Core, Java, JavaScript, Node.js, Angular, React or similar.
You Will Also Have/be
Experience in creating application security strategies, standards, best practices, and providing direct input to project teams and business stakeholders is essential. Experience working with security issues in software architecture, software development, e.g. static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling. In-depth experience working in an Agile software development environment, with classic applications as well as microservices, using modern code processing and continuous integration and delivery tools (e.g. GitHub, Jenkins, Bamboo). Good expertise in taking security policy statements and translating them into actual, implementable, security controls and techniques that can make our software applications demonstrably more secure and robust. Good understanding of common information security management standards, frameworks, and laws / regulations: e.g. ISO 27001, NIST, GDPR. Experience of open-source security tools and how they could be used in an enterprise. Experience of securing Azure cloud workloads and environments.
Please note, to be considered for this role you MUST have the Right to Work in the UK without company sponsorship and you MUST be based in the UK.
The Senior Software Security Architect / Senior Application Security Architect position is offered with an excellent range of benefits including: -
Generous Holiday Allowance - 25 days' holiday plus bank holidays, with the option of adding up to five (5) additional unpaid leave days per year. Annual Lifestyle Allowance to spend on an activity of your choice. Pension Scheme: Matched up to 6% for the first 3 years, and up to 10% thereafter. Private Health Insurance. Group Income Protection Scheme. Charitable Fundraising. Cycle to Work and Gym Flex Schemes. Internal Coaching and Mentoring. Training and Career Progression. Family-Friendly Policies. Remote Working. KEYWORDS
Senior Software Security Architect, Senior Application Security Architect, SDLC, Secure by Design, Architecture, Software Development, Engineering, DevOps, InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure.
Please note that due to a high level of applications, we can only respond to applicants whose skills and qualifications are suitable for this position.
No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010.
Bowerford Associates Ltd is acting as an Employment Agency in relation to this vacancy
Nice-to-have skills
Software Development
Software Testing
C++
C
C#
Java
JavaScript
Node.JS
React
Agile
ISO 27001
Azure
Reading, England
Work experience
Security Architect
Software Architect
Languages
English
About the Company
TieTalent is the career growth platform dedicated to tech professionals. By being part of our community they access exclusive content and perks from our partners for services that help them expend their knowledge. When open for a new opportunity, companies apply for them for jobs they want. On their side, companies benefit from an intelligent system allowing them to hire rare talents in tech quickly and hassle-free, that they need to be successful. TieTalent launched in October 2018 and is already trusted by thousands of ... Know more
Related Jobs
- Company Name
- Double Eleven
- Job Title
- Senior Network Programmer
- Job Description
- We're looking for a Senior Network Programmer to join our award winning team in Middlesbrough (UK), home to the beautiful North Yorkshire coastline and countryside. As a Senior Network Programmer at Double Eleven, you'll play a major part in shaping how players experience our games. By building new features, optimising network performance and creating core mechanics, you'll ensure that we continue to create best selling games. Working with structure, you'll have the creative freedom to work in white space. In this role, you'll be the guiding force behind our talented team of developers, helping them grow, succeed, and deliver high-quality code. You'll work closely with diverse teams across various disciplines, combining your expertise with that of designers, artists, and developers to transform innovative concepts into immersive, interactive experiences that captivate and engage players. As a global gaming company, we've enabled millions to conquer Minecraft Dungeons, battle in Rust Console Edition and create new adventures in Fallout 76. Recently, we collaborated with Rockstar Games to bring Red Dead Redemption to the Nintendo Switch and PlayStation 4 as well as partnered with Obsidian Entertainment on Grounded: Fully Yoked Edition for Nintendo Switch and PlayStation 4 and 5. Double Eleven is a place where our people come first. Our 400-person team proudly represents over 30 nationalities. We strive to avoid crunch, we offer flexible working hours to allow you to truly enjoy work/life balance whilst making great games and any overtime is always planned, optional and paid. We can support UK relocation and have both a dedicated People and Operation teams on standby to assist you. On this occasion, we're unable to sponsor a visa for this role. What You'll Be Doing Work with every discipline to make sure our games perform great online and offline Define and develop robust networking code that leads the field Delight players with fantastic online performance Work with the lead programmer on creating the best architecture following best practices at an industry standard Collaborate with the QA Department to identify causes for any problems and possibly apply fixes Help develop highly efficient code for various projects Managing and mentoring team members around direction, knowledge and applied practice Implement industry standard security measures Implement industry standard multiplayer features on current gen/next gen architecture Come up with new exciting ways of approaching problems What We're Looking For Significant experience developing in C++ Great team working and communication skills Experience of developing and shipping a game which has online components Knowledge of low-level network APIs Knowledge of TCP/UDP Sockets, WebSockets, WebRTC and Concurrency Knowledge of various secure encryption techniques i.e: Open SSL Experience of the platform specific services and APIs on Xbox Live, PSN and Switch Knowledge and implementation of anti-cheat techniques Solid foundation of mathematics Computer Science degree Knowledge of Unreal Engine Qualifications All relevant qualifications considered What To Expect Working life at Double Eleven Start your day any time between 8:00am and 10:00am 35 working hours per week with a 1 hour lunch break (with the opportunity to flex down to 30 minutes or up to 2 hours) Opportunity to apply for hybrid working (up to 2 days working from home per week) 28 days annual leave (20 days annual leave + 8 days bank holiday) 1 day leave for your birthday and 1 day leave if you're moving house Up to 10 days discretionary annual leave during our end of year break Potential for annual performance bonus 5 additional days annual leave for 5 years service and a further 5 days annual leave for your 10 years service milestone A brand new, state-of-the-art studio facilities that includes a market hall serving nutritious, subsidised meals, round-the-clock gym access, an auditorium and more Free breakfast options, juice, hot drinks and fruit Employee referral bonus (up to £2000!) Electric Car Scheme Cycle to Work scheme Free game codes, game swag and merchandise Family-friendly leave available Christmas Saving Scheme Free parking Best-in-class tools and workflows so you can focus on creativity Professional development and wellbeing Vitality Private Healthcare, discounts and rewards for you, your spouse and children (upon the successful completion of your 6 month probationary period) Access to mental health and wellbeing support via Plumm (includes 4 free video therapy sessions per month for both the employee and up to 3 family members aged 18+), unlimited text therapy, courses, meditations A personalised development plan with dedicated support tailored to your growth and goals Access to an accredited Academy providing professional qualifications (and access to 500 UK discounts and offers via TOTUM when registered as a student) A dedicated Workplace Experience team responsible for work environments, workplace and quality of employee life services to help foster collaboration, creativity and innovation In-studio wellbeing programmes and People team support Team life Free activities via our Bus Tours programme (where on occasion, partners and children are welcome to join you) Many team events to celebrate team and game milestones Sponsored team activities including football, basketball, book club, movie club and more Opportunity to contribute to our internal Employee Diversity and Equality Network Ways to reach us If you have a general query or if you need support with your application and/or an alternative way to apply, please do not hesitate to contact our Talent team at jobs@double11.com
- Company Name
- CENSUS
- Job Title
- Technical Project Manager - Embedded Systems Security (UK Nationals Only)
- Job Description
- About CENSUS CENSUS is an internationally acclaimed Cybersecurity services provider. We support the needs of multiple industries, providing IT and OT security services to public and private organizations around the world, ranging from financial institutions and critical infrastructure to automotive and secure communications, including Fortune 500 companies. Powered by cutting-edge research, scientific analysis and in-depth engineering experience across various industries & technologies, CENSUS delivers unparalleled security consulting & assessment services for products (software, services, devices, and large-scale platforms), infrastructure, and organizations. Learn more about CENSUS at census-labs.com. About The Job / Key Responsibilities CENSUS’ bespoke cybersecurity services are built upon a talented pool of Security Engineers, whose role extends beyond mere adherence to industry best practices. Our Technical Project Managers play a pivotal role in formulating and executing service delivery strategies that align with the rigorous quality standards set by CENSUS. Drawing from their robust technical background and leveraging their project & stakeholder management skills, TPMs serve as the primary facilitators empowering our clients to effectively maximize the potential of our security and advisory teams. Skills We are looking for talented & ambitious professionals to grow our Product Security Professional Services team and join our ongoing mission to deliver in-depth and top-tier cybersecurity services to our valued clients. As part of this role, you will use your technical background - in the Embedded Systems Security domain – along with your Project Management skills to enable a successful service delivery to our clients. You will work side-by-side with our clients’ development and security teams & partners, under engagements / projects that involve: Working with our clients to understand their requirements and scope, size, plan the corresponding technical activities to efficiently meet those (consulting, assessments, audits, evaluations, security architecture development, etc.). Receiving high-level task & product descriptions and decomposing them to smaller & well-defined technical activities, which are then assigned to the corresponding security engineering & consulting teams. Leading project’s technical team within the scope of the engagement. Documenting and presenting product security risks in both technical and business-oriented language. Conducting technical QA and presenting to both technical and business audiences, the technical team deliverables (findings, technical reports, observations, improvement recommendations, operational methodologies, etc.) Building and developing relationships with cross-client teams and partners. Owning & driving the continuous improvement of the technical quality of the project team deliverables. Ensuring client satisfaction and business growth by communicating lessons learned and key success factors to the business development team. Minimum Qualifications MSc or BSc in Electrical Engineering, Computer Science, Computer Engineering, Electronics Engineering, or equivalent practical experience. 4+ years of experience in embedded, general- or special-purpose computer system-level software or firmware security. Experience can be an engineering / development position (e.g., consumer or enterprise), an assessment / consultancy role, an equivalent role in other engineering organizations, or a combination of them. 2+ years of experience in technical project management in a role related to product or information security. Key Skills & Preferred Qualifications Experience with Embedded Systems, Linux, or Real Time Operating systems security concepts. Experience with reviewing system security architecture & engaged technologies. Experience with ARM architectures & platforms. Experience with C, C++, Rust, or Assembly (ARM) programming languages in the context of system software (bootloaders, drivers, kernel, system services, etc.). Experience with secure boot, firmware & software integrity, OTA updates, and hardware-backed device attestation technologies. Experience with cryptographic primitives and cryptographic best practices in the context of system security (inline crypto engines, storage encryption, attestation, HW key rooting, derivation, wrapping/unwrapping, etc.). Familiarity with identifying and reporting security vulnerabilities on system software (memory corruption, side-channel attacks, business logic, etc.). Familiarity with product security assessments and S-SDLC processes. Experience with managing technical teams. Experience with translating complex technical concepts into relevant messages suitable for various audiences (engineering and different tiers of management). Experience with stakeholder management for security engineering deliverables. Experience working with international teams located in other regions and time zones worldwide. Excellent leadership, ownership, problem solving skills, and willingness to learn/grow. Proficient in English and excellent communication skills. Traveling may be required
- Company Name
- NVIDIA
- Job Title
- Senior Silicon Security Architect
- Job Description
- NVIDIA has been transforming computer graphics, PC gaming, and accelerated computing for more than 25 years. It's an outstanding legacy of innovation that's fueled by great technology—and outstanding people. Today, we’re tapping into the unlimited potential of AI to define the next era of computing. An era in which our GPU acts as the brains of computers, robots, and self-driving cars that can understand the world. Doing what’s never been done before takes vision, innovation, and the world’s best talent. As an NVIDIAN, you’ll be immersed in a diverse, encouraging environment where everyone is motivated to do their best work. Come join the team and see how you can make a lasting impact on the world. NVIDIA is seeking a network security research architect who is interested in a chance to define, research, and implement next-generation security features for data centers’ networks. The position will take on a lead role, working with teams with varied strengths across NVIDIA and with external partners to research security requirements for networking products. What You'll Be Doing Lead, research, design, develop, and implement solutions for attestation and confidential compute in network devices. Apply innovative security primitives using attestation capabilities. Collaborate across external and internal teams and with customers. Define next generation architecture following standards bodies and developing proof-of-concepts for attestation and confidential compute. What We Need To See MSc or PhD in Electrical Engineering, Computer Science, or Computer Engineering or equivalent experience. At least 5 years of experience. Background in security-by-design Background in attestation protocols such as DICE, SPDM, TPM, CoRIM Programming and debugging fundamentals across languages such as Python, and C/C++. Strong communication skills and a genuine passion for working together as a team are vital. Ways To Stand Out From The Crowd Proven security research experience and publications in top security conferences. Background in confidential compute and trusted execution environments solutions such as ARM CCA and PCIe TDISP Experience with high-scale deployment challenges and threat modeling Architectural background and hardware-software codesign. JR1996461
- Company Name
- Saab UK
- Job Title
- Cyber Security Lead
- Job Description
- Introduction: Saab UK is part of Scandinavia's largest defence company, bringing together the best of Swedish and British innovation. Saab offers world-leading solutions and services in defence, aviation, space, and civil security to keep people and society safe. Our UK presence has been growing at pace, meaning we can offer a wide range of opportunities for personal fulfilment and career growth. We currently employ over 500 people across eight sites in the UK, and our specialisations include software engineering, underwater robotics, radars, AI, and armed forces training. As part of the global entity Saab AB, Saab UK combines the innovative spirit of a start-up with the resources and expertise of a larger corporation. Globally, Saab employs over 22,000 people, with operations on every continent. Our partnerships with UK customers and industry mean we are able to deliver innovative solutions to complex challenges, anticipating the threats of tomorrow. We invest 23% of our annual revenue into research and development, collaborating with a range of partners including industry and academia. Saab is a company that offers our employees plenty of opportunities for growth and advancement. We embrace diversity and are committed to providing a workplace where individuals can thrive professionally, paving the way for future progression. We also recognise the need for a healthy work-life balance to ensure our staff have the chance to live a fulfilling life beyond the workplace. The Role: The Cyber Security Lead will lead the deployment and management of Cyber Security activities across the UK Saab operations in close co-operation with the business units, group security and the group IT operations in Sweden. The role will ensure compliance of UK operations to customer and group security standards. The role will work closely with UK Security and Group IT and Security teams to assist with compliance against CyberEssentials plus, ISO 27001 compliance and UK customer security requirements Responsibilities: Safeguards Saab UK networks and information system by identifying and solving potential and actual security problems. Protects systems by implementing and managing access privileges, control structures, and resources. Recognises problems by identifying abnormalities; reporting violations. Reporting on emerging threats together with the Group IT Security function Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines IT process violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following Saab Group IT standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Systems accreditation for internal and external teams Leading IT Security Incident response process Required Skills: System administration Network security Problem solving Information security policies On-call network troubleshooting Firewall administration Network protocols Routers, hubs, and switches Collaboration and communication Process improvement Knowledge of systems accreditation for internal and external teams Experience and Qualifications: Bachelor's degree in Computer Science, Information Systems, or equivalent education or work experience 4+ years of prior relevant experience Advanced certifications in Security Standards Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defence-in-depth and common security elements. Hands-on experience analysing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations Experience with vulnerability scanning solutions In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Sentinel, Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk) Understanding of mobile technology and OS (i.e. Android, iOS, Windows), Experienced in Cloud Security principles As a National Security Vetting clearance is required for this role, applicants will be required to hold National Security Vetting clearance to SC level or have the ability to gain it. By submitting an application to Saab UK you consent to undertaking workforce screening activities that may include but are not limited to: Baseline Personnel Security checks, National Security Vetting, reference checks, verification of working rights and in all circumstances preferred candidates will be placed through a security interview.