Cyber Security Architect
JAM Recruitment
Bryning-with-Warton, United Kingdom
yesterday
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Compensation
£ 187KJob location
Bryning-with-Warton, United Kingdom
Tech stack
Amazon Web Services (AWS)
Computing Platforms
Architectural Patterns
Azure
Cloud Computing
Cloud Computing Security
Computer Security
Identity and Access Management
Information Systems Security Architecture Professional
Javaserver Pages
OpenID
Public Key Infrastructure
PRINCE2
Role-Based Access Control
Ansible
Zero Trust Network Access
Sherwood Applied Business Security Architecture
SharePoint
Wide Area Networks
Zachman Framework
Google Cloud Platform
Multi-Cloud
Archimate
Juniper
Togaf
Tanzu
Kubernetes
Palo Alto Networks
Fortinet
Terraform
Oracle Cloud Infrastructure
Devsecops
ServiceNow Customer Service Management
Cisco networks
ServiceNow
Job description
Highly experienced security architects with strong technical credentials across enterprise, cloud, network and classified environments. Responsible for designing end-to-end secure architectures (HLD/LLD), leading Design Authorities and Technical Design Authorities, and providing architectural assurance across multi-supplier programmes up to TOP SECRET / Above Secret classifications. Ensures Secure-by-Design principles are embedded from the outset across all programmes., * Design end-to-end secure architectures (HLD/LLD)
- Lead Design Authorities and Technical Design Authorities
- Ensure security is consistently embedded into system design across all programmes
- Align architectural decisions with Secure-by-Design principles from the outset
- Define identity, cross-domain and data protection controls at the architecture level
- Enable structured, technically robust Design Authority interactions
- Provide architectural assurance across complex, multi-partner and classified environments
Technical Skills & Experience, a good mix of some or all of the following:
- Secure-by-Design (MOD SbD / NIST 800-53r5 / NIST CSF / CIS CSC v8.1) - design, maturity tracking and assurance across full programme lifecycles
- Enterprise & Cloud Security Architecture - AWS, Azure, GCP, Oracle Cloud (multi-cloud landing zones, hybrid identity, secure migration patterns)
- Classified Platform Design - OFFICIAL, OFFICIAL-SENSITIVE, SECRET and ABOVE SECRET environments, ROSA, Garrison, Citadel, VCF, Cross-Domain Solutions
- Zero Trust, IDAM & PKI - conditional access, hybrid identity, cryptography, HSMs, IAM, RBAC, OIDC, federation
- Threat Modelling - STRIDE / STRIDE-LM, attack-surface analysis, trust boundary modelling, design reviews
- Network & Boundary Security - Checkpoint, Palo Alto, Fortinet, Cisco, Juniper, F5, Zscaler, NSX-T, SD-WAN, encrypted WAN, DMZ, NAC
- ServiceNow & M365 Architecture - ITSM, ITOM, CSM, EAM, SharePoint Online, Purview, Entra, Sentinel, Defender, Power Platform, CoPilot
- Container & DevSecOps - Kubernetes (EKS, Tanzu), Terraform, Ansible, CI/CD security, image scanning, container hardening
- Architecture Frameworks - TOGAF, ArchiMate, SABSA, Zachman, MODAF, JSP standards, NCSC architectural patterns
- HLD / LLD authoring, Security Patterns, Reference Architectures, Bill of Materials, Crypto Plans and JSP-compliant documentation
- Design Authority leadership, Technical Security Boards, Gateway Reviews, multi-supplier governance
Requirements
- CISSP (multiple holders), CISM, CCSP, OSCP, CEH
- TOGAF 9 / TOGAF 9.2, SABSA Foundation, Zachman, ITIL v3/v4
- AWS Security Specialty, AWS Solutions Architect, AWS DevOps Pro, AWS Advanced Networking
- Azure Security Specialist (AZ-500), Azure Solutions Architect (AZ-303/304), Microsoft MCSE
- CCIE (#38006), CCNP, CCDP, VCP, VCAP-NV, VCP-NV, Check Point CCSE/CCSA, PCNSE
- ISO 27001 Lead Auditor, ISO 27005
- Prince2 Practitioner, MSP, Chartered Engineer (IET), MBCS CITP
- Government Clearances: SC, DV (active and historic), Five Eyes engagement