Security Architect
Hybrid
London, United Kingdom
Full Time
25-04-2025
Job Specifications
Summary
Location
London
Job Type
Full Time
Posted Date
25-Apr-2025
Ref #
66706
Here at VMO2 we are looking to take on an experienced and motivated Security Architect to join our team on a permanent basis.
You will own the design and implementation of robust security architectures across cloud platforms, microservices, and enterprise environments.
You will have a deep understanding of cloud-native security, application security, data security, and enterprise security technologies. You will work closely with product team, developers, security engineers, DevSecOps and operation teams to integrate security into the entire software development lifecycle and enterprise infrastructure.
Key Responsibilities
Partnering with teams for development and implement of application/cloud security standards, patterns and guidelines that support ongoing deliveries and balance risk and business benefit.
Continuously reviewing the design and efficiency of application/cloud security controls and develop a program of continuous security improvement.
Providing DevSecOps thought leadership in areas of CI/CD and continuous testing & certification, service resiliency within a Cloud-based microservices and data architecture based on previous industry experience with large scale cloud platforms
Working closely with cross-disciplined teams of engineers to implement innovative DevSecOps solutions and effectively mentor a team of security and software developers
Building security patterns and designs for hybrid and public cloud application.
Identifying gaps in existing security architecture and design and recommend changes or enhancements
Recommending and evaluating security tools including static and dynamic analysers, security frameworks, etc.
Partner with engineering teams to integrate security controls into continuous integration, delivery and deployment processes.
Who we are
The UK’s fastest broadband network. The nation’s best-loved mobile brand. And, one of the UK's biggest companies too.
Diverse, high performing teams - jam packed with serious talent. Together, we offer the UK more choice and better value, through our boundary-pushing, customer-championing values and ambitions.
Together, we are Virgin Media O2, and we can't wait to see what you can do.
Accessible, inclusive and equitable for all
Virgin Media O2 is an equal opportunities employer and we're working hard to remove bias and barriers for our people and candidates. So, we build equity and inclusion into everything we do, from the policies we craft to the relationships we shape. We support and encourage you to be your authentic self throughout your application journey with us.
The must haves
In order to be considered, you must have the following experience;
Extensive hands-on experience with Threat Modelling, SAST, DAST, and web application security, including OWASP Top 10, CWE Top 25, and SANS 25.
Proficiency in securing consumer-facing applications and working with Public Cloud (especially GCP), Docker, Kubernetes, and serverless technologies.
Hands-on exposure with GCP security architecture (IAM, VPC, Cloud KMS, Cloud Armor etc. ) and other cloud-native security tools.
Strong understanding of data security practices, including encryption, access control, and data security controls.
Solid understanding of networking, databases (Postgres, MySQL, RDS), and infra-as-code tools like Terraform and Ansible/Chef.
Skilled in DevSecOps environments, with knowledge of any programming languages such as Ruby, Java, Python, and PHP.
The other stuff we are looking for
We'd also love you to bring;
Up-to-date on cybersecurity threats, risk assessment, and frameworks/regulations (GDPR, PCI, NIST, ISO27001).
Proven experience in requirements identification, solution testing, and vendor product selection.
Demonstrated leadership and relationship management with internal and external partners, along with excellent communication and presentation skills to build consensus.
What's in it for you
Our goal is to celebrate our people, their lives and everything in-between. We aim to create a culture that empowers everyone to bring the best versions of themselves to work each and every day. We believe the most inclusive and diverse culture makes for a better business and a brighter world.
Working at Virgin Media O2, you get a bumper reward package bursting with benefits, and loads of extras you can add if you’d like to. These are designed to support both you and your loved ones, making sure that you’re covered no matter what life throws your way.
Next steps
If we feel like a place where you can belong, we'd love to learn more about you as a person and your experience to date. Once you've submitted an application the next steps of the process, if successful, are likely to include an initial screening call followed by a technical round of interview.
When you apply, you'll be asked about any adjustments you might need to support the recruitment process. Let us know, and we'll be sure to discuss it with you.
Please note: Applications will be reviewed, and interviews conducted throughout the duration of this advert, therefore we may bring the closing date forward. We encourage all interested applicants to apply as soon as possible. If you’re offered a job with us, it will be conditional, based on the passing of background checks. All roles require a criminal record check and some roles need a financial probity check. Your recruiter can provide you with more information if needed.
About the Company
We’re Virgin Media O2 and we’re here to upgrade the UK. Virgin Media O2 combines the UK’s largest and most reliable mobile network with a broadband network offering the fastest widely-available broadband speeds. We’re a customer-first organisation that brings a range of connectivity services together in one place with a clear mission: to upgrade the UK. We are the corporate brand of the 50:50 joint venture between Liberty Global and Telefónica SA, and are one of the UK’s largest businesses. Know more
Related Jobs
- Company Name
- Meta
- Job Title
- Security Engineer, Identity and Access Management (IAM)
- Job Description
- Meta's security team is the central engine driving data and systems security at the company, supporting Meta and all of its family of apps. The org is responsible for inhibiting malicious actors from compromising our environment, preventing, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be comfortable collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems. An ideal candidate is someone that has technical knowledge of the broad aspects of information security, and is able to identify deficiencies in the access management space. This role specifically needs deep conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions. This role requires a broad mix of security, technical, coding and communication skills coupled with a strong desire to learn. Security Engineer, Identity and Access Management (IAM) Responsibilities: Design and implement systems that enhance the security of Facebook’s Identity & Access Management Systems Build and maintain tools that improve the Identity and Access Management posture at Meta. Conduct design and code reviews Analyze and improve efficiency, scalability, and stability for assigned product area and/or systems Identify and drive changes as needed for assigned codebase, product area and/or systems Interface with other teams to incorporate their innovations and vice versa Articulate security findings to internal to a variety of stakeholders, including both technical and non-technical stakeholders Provide defensible recommendations on technical, physical and administrative control implementations based on findings while balancing the cost versus benefits Participate in the development and oversight of corrective actions relating to security issues Participate in cross-functional, team, and status review meetings Recommend process improvement and strategic initiatives as related to security. Minimum Qualifications: Experience in writing custom scripts in Python/C++ and PHP/Hack BSc in Computer Science related field, or equivalent experience Experience building large-scale distributed systems or similar experience 8+ years of software development experience Experience in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls 5+ years of proven experience working on Information Security teams or conducting Information Security consulting engagements Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations. Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences Ability to manage competing priorities and simultaneous projects in a fast paced environment with little supervision Strong communication skills - both written and verbal, interpersonal skills, and ability to work cross-functionally with various teams Preferred Qualifications: Program and project management skills Experience in the IAM domain in a cloud based infrastructure environment Good grasp of SOX, SOC2, NIST, PCI, ISO, and other security regulations Strong analytical and problem-solving skills, including a basic understanding of data analysis techniques About Meta: Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics. Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta.
- Company Name
- Arcus Search
- Job Title
- Security Consultant
- Job Description
- I am working with a business who are currently looking for a Security Consultant to drive information security strategy ensuring secure-by-design practices in both cloud and on-prem environments. Title: Security Consultant Salary: £50,000 - £55,000 Location: Manchester, 3 days a week in the office Job Type: Full-Time Key Responsibilities Act as a trusted advisor to business units on risk, controls, and security best practices Promote security awareness and help drive a risk-aware culture across the business Provide expert guidance to ensure alignment with security frameworks (e.g. ISO 27001, NIST) Support audit, regulatory compliance, and governance efforts Influence adoption of secure solutions across both strategic and operational initiatives What They Are Looking For Proven experience in Information Security and Risk Management within complex organisations Strong communication and stakeholder engagement skills Familiarity with cloud and hybrid security models Understanding of regulatory compliance (e.g., GDPR, PCI DSS) Knowledge of frameworks like ISO 27001, NIST, CIS, or COBIT If keen please apply!
- Company Name
- RiverSafe
- Job Title
- Senior Business Development Executive - DevOps / Cloud / Cyber Security
- Job Description
- The Senior Business Development Executive is responsible for identifying, developing and closing new business opportunities and will be targeted on net new logo acquisition. The ideal candidate will possess knowledge of Cyber Security or AWS / Cloud / DevOps services, be a self-starter with strong sales acumen, and have professional services sales or consultative sales experience. **This is a hybrid role requiring some time in our London office each week - and with the flexibility to travel as required, to meet clients and attend industry events.** Identify and pursue new business opportunities in the IT services industry, with a focus on our core offerings of Cyber Security, DevOps and Application Security. Develop and execute strategic sales plans to achieve sales targets and expand the customer base. Build and maintain relationships with key decision-makers, influencers and stakeholders. Develop a deep understanding of clients' business objectives, challenges and opportunities related to Cyber Security, DevOps and AppSec, and present appropriate solutions. Provide consultative sales support to potential clients by demonstrating deep knowledge of the value our services provide. Skills Minimum of 4 years of professional service/consulting experience in business development or sales within the IT services sector, focused on Cyber Security, DevOps or Application Security. Proven track record of meeting or exceeding sales targets. Strong relationship-building skills with the ability to engage C-level executives. Excellent communication, negotiation and presentation skills. Proficiency in using CRM systems (e.g. Salesforce, HubSpot).
- Company Name
- Meta
- Job Title
- Security Engineer Investigator, Insider Trust
- Job Description
- The Insider Trust team is looking for a Security Engineer to investigate, build and improve internal tools and systems to identify malicious activities related to insider threats. Candidates are expected to analyze and monitor internal tools, hunt for insider threats against company data and infrastructure, and have experience carrying out complex internal investigations from collection to reporting and collaboration skills, working closely with engineering teams, Human Resources, and Legal teams. Security Engineer Investigator, Insider Trust Responsibilities: Develop understanding of problem space and provide technical direction during investigations and threat hunts Develop workflows and automations to streamline signals, hunts and investigative processes Perform analysis of logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential insider threats Build operational workflows and actions to auto-resolve false positives and provide context, scaling investigative workflows Identify gaps in our infrastructure, and work with cross-functional teams to gain visibility through logging and automation Minimum Qualifications: Bachelor's degree in Computer Science, Engineering, or equivalent experience 4+ years of experience in Detection & Response Engineering, Threat Intelligence or similar Security Engineering role Experience conducting technical security investigations (response, forensics, log analysis) Experience interpreting information from multiple sources and working with data sets Knowledge with database tools/systems such as Hbase, SQL, Hive Query Language Preferred Qualifications: Coding proficiency in Python, PHP, and/or C++, or similar high level languages About Meta: Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics. Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta.