JAM Recruitment Ltd logo

Cyber Security Architect

JAM Recruitment Ltd
43 minutes ago
Contract
Lancashire
United Kingdom
£50 - £90 GBP daily

Senior and Principal Security Architects

50- 90 per hour (Dependent on experience and level) - Inside IR35

12 month contracts

Hybrid - 2/3 days a week on site - Warton (PR4)

Applicants must have the right to work in the UK

Successful applicants must be eligible for SC/DV clearance

Role Purpose / Overview

Highly experienced security architects with strong technical credentials across enterprise, cloud, network and classified environments. Responsible for designing end-to-end secure architectures (HLD/LLD), leading Design Authorities and Technical Design Authorities, and providing architectural assurance across multi-supplier programmes up to TOP SECRET / Above Secret classifications. Ensures Secure-by-Design principles are embedded from the outset across all programmes.

Key Outcomes

  • Security is consistently embedded into system design across all programmes
  • Architectural decisions align with Secure-by-Design principles from the outset
  • Complex, multi-partner and classified environments are designed securely and coherently
  • Identity, cross-domain and data protection controls are defined at the architecture level
  • Design Authority interactions are informed, structured and technically robust

Key Responsibilities

  • Design end-to-end secure architectures (HLD/LLD)
  • Lead Design Authorities and Technical Design Authorities
  • Ensure security is consistently embedded into system design across all programmes
  • Align architectural decisions with Secure-by-Design principles from the outset
  • Define identity, cross-domain and data protection controls at the architecture level
  • Enable structured, technically robust Design Authority interactions
  • Provide architectural assurance across complex, multi-partner and classified environments

Technical Skills & Experience, a good mix of some or all of the following:

  • Secure-by-Design (MOD SbD / NIST 800-53r5 / NIST CSF / CIS CSC v8.1) - design, maturity tracking and assurance across full programme lifecycles
  • Enterprise & Cloud Security Architecture - AWS, Azure, GCP, Oracle Cloud (multi-cloud landing zones, hybrid identity, secure migration patterns)
  • Classified Platform Design - OFFICIAL, OFFICIAL-SENSITIVE, SECRET and ABOVE SECRET environments, ROSA, Garrison, Citadel, VCF, Cross-Domain Solutions
  • Zero Trust, IDAM & PKI - conditional access, hybrid identity, cryptography, HSMs, IAM, RBAC, OIDC, federation
  • Threat Modelling - STRIDE / STRIDE-LM, attack-surface analysis, trust boundary modelling, design reviews
  • Network & Boundary Security - Checkpoint, Palo Alto, Fortinet, Cisco, Juniper, F5, Zscaler, NSX-T, SD-WAN, encrypted WAN, DMZ, NAC
  • ServiceNow & M365 Architecture - ITSM, ITOM, CSM, EAM, SharePoint Online, Purview, Entra, Sentinel, Defender, Power Platform, CoPilot
  • Container & DevSecOps - Kubernetes (EKS, Tanzu), Terraform, Ansible, CI/CD security, image scanning, container hardening
  • Architecture Frameworks - TOGAF, ArchiMate, SABSA, Zachman, MODAF, JSP standards, NCSC architectural patterns
  • HLD / LLD authoring, Security Patterns, Reference Architectures, Bill of Materials, Crypto Plans and JSP-compliant documentation
  • Design Authority leadership, Technical Security Boards, Gateway Reviews, multi-supplier governance

Qualifications & Certifications

  • CISSP (multiple holders), CISM, CCSP, OSCP, CEH
  • TOGAF 9 / TOGAF 9.2, SABSA Foundation, Zachman, ITIL v3/v4
  • AWS Security Specialty, AWS Solutions Architect, AWS DevOps Pro, AWS Advanced Networking
  • Azure Security Specialist (AZ-500), Azure Solutions Architect (AZ-303/304), Microsoft MCSE
  • CCIE (), CCNP, CCDP, VCP, VCAP-NV, VCP-NV, Check Point CCSE/CCSA, PCNSE
  • ISO 27001 Lead Auditor, ISO 27005
  • Prince2 Practitioner, MSP, Chartered Engineer (IET), MBCS CITP
  • Government Clearances: SC, DV (active and historic), Five Eyes engagement