VP Cloud Security Automation Architect DevSecOps - Banking
Robert Walters
Charing Cross, United Kingdom
2 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Compensation
£ 125KJob location
Charing Cross, United Kingdom
Tech stack
Artificial Intelligence
Architectural Patterns
Azure
C Sharp (Programming Language)
Software as a Service
Cloud Computing Security
Computer Programming
Continuous Integration
Software Design Patterns
Python
Network Segmentation
Powershell
Quantum Computing
Sherwood Applied Business Security Architecture
Working Model 2D
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Togaf
Kubernetes
CIS Benchmarks
Devsecops
Microservices
Job description
Join us as a Cloud Security Automation Architect (VP), shaping and safeguarding its hybrid IT landscape across on-prem, Azure, GCP, and cloud-native platforms. You'll embed security into high-impact projects from the ground up, design scalable and reusable "as code" controls, and drive automation to streamline security across CI/CD, IaC, and cloud environments.
About the job:The Cloud Security Automation Architect will define, implement, and maintain the Bank's technical security strategy across hybrid environments (on-prem, Azure, GCP, Kubernetes, SaaS, enterprise systems). The role embeds security into solution design, develops reusable controls, and drives automation to enable secure, scalable innovation.
About the responsibilities:
- Conduct security design reviews, assess architectures against policies/standards, and recommend mitigations.
- Maintain and evolve a unified Security Reference Architecture and reusable design patterns.
- Design and enhance security controls to address gaps, emerging threats, and compliance requirements.
- Act as SME for Azure/GCP security; design cloud-compatible controls, templates, and "as code" modules.
- Collaborate with engineering teams to embed security into CI/CD, IaC, and DevSecOps pipelines.
- Lead threat modelling exercises and train non-security stakeholders in its application.
Requirements
- Strong knowledge of industry frameworks (NIST CSF, ISO/IEC 27001, CIS Benchmarks) and core security principles (Zero Trust, Least Privilege, Network Segmentation)
- Proven experience with Azure/GCP security, CSPM, CWPP, Policy as Code (Azure Policy, OPA), and cloud-native security tooling
- Proficiency in scripting/programming (Python, C#, PowerShell) for automation
- Familiarity with architectural patterns (Multi-Tier, Microservices, Event-Driven) and frameworks (TOGAF, SABSA)
- Experience securing IaC pipelines, CI/CD integrations, and applying DevSecOps practices
- Awareness of emerging technologies (AI/ML, Quantum Computing) and their security implications are strong advantages
- Hold the right to work in the United Kingdom and happy with working 3 days in London office (hybrid working model)
