Security Architect

About Our Client

Our client are a leading global consultancy recognised for their innovation, commitment to excellence, and ability to provide end-to-end solutions in a range of sectors. Their clients trust them to deliver top-tier services in cybersecurity, infrastructure, and cloud technologies, helping them safeguard their assets and future-proof their operations in a rapidly evolving digital landscape. The organisation pride themselves on fostering a culture of collaboration, growth, and professional development, offering their employees the opportunity to work on high-impact, challenging projects.

To continue delivering world-class service to their clients, they are seeking an experienced Security Architect who specialises in securing infrastructure. This role offers the opportunity to work with leading companies across various industries, contributing to strategic security initiatives while implementing best-in-class security measures tailored to each client’s needs.

Role Overview

As a Security Architect, you will be responsible for designing, implementing, and overseeing security initiatives across a wide range of environments. Working closely with clients and internal teams, you will develop tailored security architectures, conduct threat assessments, and provide strategic security advice to ensure their infrastructure is resilient to modern-day cyber threats.

This is a client-facing role within their consulting team, so strong communication and stakeholder management skills are essential. Prior experience in a consulting environment would be advantageous, as you will need to quickly understand and adapt to different industries and regulatory requirements, providing bespoke security solutions that align with each client’s specific objectives.

Key Responsibilities

1. Security Architecture & Design

- Develop comprehensive security architectures for clients, focusing on securing infrastructure (on-premises, cloud, hybrid).

- Ensure that security designs are compliant with industry best practices, regulatory requirements, and specific client policies.

- Design secure network and system infrastructures to protect against cyber threats, including firewalls, VPNs, encryption mechanisms, and identity access management solutions.

- Assess and integrate security solutions into the infrastructure, including endpoint protection, intrusion detection/prevention systems, and secure cloud configurations.

2. Risk Assessment & Mitigation

- Conduct detailed infrastructure security assessments to identify vulnerabilities and recommend mitigation strategies.

- Collaborate with client stakeholders to understand their risk profiles and develop a tailored risk management strategy.

- Establish comprehensive security policies and procedures to protect critical infrastructure.

- Recommend and implement measures to reduce the attack surface, improve incident detection, and streamline response protocols.

3. Client Engagement & Consulting

- Serve as a trusted advisor to clients, guiding them through security transformations and assisting with strategic planning.

- Work closely with clients to align security architecture with business goals, ensuring both security and operational efficiency.

- Provide consulting services on infrastructure security best practices, governance frameworks (such as NIST, ISO27001, or CIS), and incident response planning.

- Deliver clear and concise presentations and reports to senior stakeholders, translating complex security concepts into business-friendly language.

4. Collaboration & Leadership

- Lead cross-functional teams to execute on security initiatives and collaborate with IT and DevOps teams to ensure seamless integration of security into existing and future infrastructures.

- Mentor and guide junior security consultants or engineers, fostering a collaborative and high-performance culture within the team.

- Act as a thought leader within the organization and externally, contributing to our security practice development and sharing insights with clients and peers.

5. Continuous Improvement & Innovation

- Stay current on the latest trends, threats, and technologies in the cybersecurity space, particularly around infrastructure security.

- Recommend and implement new tools, processes, and technologies to continuously enhance the security posture of our clients.

- Participate in internal and external thought leadership activities, contributing to whitepapers, webinars, and industry conferences where relevant.

Essential Skills & Qualifications

- Proven experience as a Security Architect, with a specialization in securing infrastructure in complex, dynamic environments.

- Consulting Experience: Previous experience in a consulting or client-facing role is highly desirable, with a strong ability to quickly assess client needs and deliver tailored solutions.

- Technical Expertise: Strong understanding of network security, cloud security (AWS, Azure, GCP), and hybrid infrastructure environments.

- Expertise in security technologies such as firewalls, VPNs, IDS/IPS, encryption, and identity & access management (IAM) solutions.

- Experience with secure architecture frameworks (e.g., SABSA, TOGAF) and regulatory compliance standards (e.g., NIST, GDPR, PCI-DSS).

- Proficient in conducting threat modeling and vulnerability assessments.

- Experience with infrastructure-as-code (IaC) and cloud-native security tools such as Terraform, Ansible, AWS Security Hub, Azure Security Center, etc.

- Strong Communication Skills: Ability to communicate complex security concepts to technical and non-technical stakeholders alike.

- Problem Solving & Analytical Skills: Capable of thinking critically about the evolving threat landscape and devising creative solutions for infrastructure security challenges.

- Certifications: Relevant certifications such as CISSP, CISM, CCSP, CEH, or cloud certifications (AWS Certified Security, Azure Security Engineer) are highly regarded.

Desired Skills & Experience

- Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.

- Hands-on experience with security information and event management (SIEM) systems, endpoint detection and response (EDR) tools, and penetration testing practices.

- Experience with zero-trust architectures and micro-segmentation.

- Experience in delivering security solutions for various industries, such as financial services, healthcare, government, or manufacturing, would be an advantage.

- Experience in writing and reviewing security policies, procedures, and technical documentation.

How to Apply

If you are passionate about infrastructure security and are eager to make a tangible difference in securing mission-critical environments, we would love to hear from you. Please submit your resume and a cover letter detailing your experience and why you would be a great fit for this role.