Security Architect

Security Architect
Salary: £85k + Benefits
Based in Bristol with Hybrid Working

We are taking applications for this exceptional opportunity to work for our client, a global defence tech organisation as Security Architect. In this exciting role, the successful candidate will be responsible for designing, implementing, and overseeing security infrastructure to protect products and systems from security threats. This role ensures security controls are integrated throughout the software development lifecycle, performs risk assessments, and collaborates with stakeholders to mitigate vulnerabilities. The Security Architect will also contribute to security compliance and best practices, ensuring products meet regulatory and industry standards.

1. Identify security requirements and integrate controls into product development.
2. Conduct risk assessments, threat modeling, and vulnerability analysis.
3. Develop and implement risk management strategies using security frameworks.
4. Collaborate with development teams to ensure security best practices and secure-by-design principles.
5. Identify and mitigate security risks in solution architectures.
6. Create security documentation (e.g., RMADS, Security Assurance Documents).
7. Support incident response and remediation efforts for security breaches.
8. Provide security guidance and training to teams across the organization.

1. Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP).
2. Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139).
3. Proficiency in security threat modeling and risk assessments.
4. Knowledge of secure development practices, penetration testing, and vulnerability assessments.
5. Ability to communicate security risks and strategies to technical and non-technical stakeholders.
6. Experience in incident response and remediation.
7. Strong analytical and problem-solving skills.

1. Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
2. Certifications such as CISSP, CISM, OSCP, GIAC (preferred but not mandatory).
3. Must be eligible for SC security clearance.
4. Experience working in defense, government, or high-security environments is a plus.
5. Knowledge of cloud security architectures (AWS, Azure, GCP) is advantageous.