Security Architect

Job Purpose



Working across cross-functional agile engineering teams, the architect will be responsible for setting the software security standards for the products/platform across the whole of the group.

The architect will work closely with technical teams and construct a gap analysis of current security standards and a plan to move to a consistent engineering-based approach group-wide.

The architect will work closely with technical leaders to help build KPIs and other metrics to aid decisions on prioritisation for managing technical debt.

The architect will mentor other engineers/architects and be pro-active and a strong voice in the team.

The architect will be part of a team that are building market leading products that are secure, performant and scalable, using the latest technologies that are aligned with company vision and standards.



Main Responsibilities



Design and Implementation



  • Design security standards and best practices aligned with overall business and technology strategy
  • Design security architecture elements to prevent and mitigate threats as they emerge.
  • Work with Architects/Operations to review and design solutions that balance business requirements with information and cyber security requirements
  • Work with Architects/Operations/Scrum Masters to build roadmaps on how to deliver in an agile manner
  • Review of code for architecturally significant areas







  • Be involved in maintaining the KPIs/metrics around security standards for the products
  • Liaise with the Operations/Scrum Masters to coordinate regular penetration and vulnerability tests



Planning, Organizing & Delivery



  • Ensure security roadmaps are always current and up to date
  • Ensure security KPIs/metrics are always current and up to date
  • Manage a training plan for teams



Initiative, Innovation & Change



  • Identify and communicate current and emerging security threats 
  • Continuously look for ways to improve effectiveness and productivity and provide innovative solutions to difficult problems
  • Knowledge sharing of technology/trends to teams




Key Relations



  • Agile Teams
  • Wider Architecture group
  • Service Operations




Person Specifications






  • Degree in computer science, software engineering or cyber security would be advantageous





Must Have:

  • Experience in improving toolchain security, particularly through automated end-to-end pipeline delivery
  • Strong .NET, JavaScript and database skills
  • Experience of setting and enforcing code quality standards
  • Experience of implementing at least one secure SDLC methodology
  • Understanding of REST APIs
  • Understanding of Web Architecture
  • Expertise in Identity and access management (IAM) frameworks
  • Experience of presenting and training various people in an organisation security standards and best practices
  • Ability to explain complex concepts to diverse audiences
  • Experience of Agile methodologies





  • Amazon Web Services experience
  • Experience in conducting ethical hacking and penetration testing
  • Experience of security for mobile applications (phone, tablet)
  • Active in the White Hat and/or bug bounty community
  • Certified in recognised industry security qualification:
    • Certified Information Systems Security Professional (CISSP)
    • Information Systems Security Architecture Professional (ISSAP)






  • Collaborative – Working with various discipline to achieve goal
  • Exceptional communication skills with diverse. As Security subject matter expert, explain technical topics to those without a technical background
  • Passionate about subject
  • Analytical/Inquisitive




What's in it for you?



The benefits



  • We believe in creating a culture of engagement and reward to develop employee potential and offer long-term career success. So what can we offer you?
  • Generous holiday allowance
  • Private medical healthcare
  • Life assurance
  • Pension
  • Competitive pay and bonus scheme
  • Complimentary benefits, including Bike to Work, Childcare Vouchers and discount schemes