fortice logo

SC Cleared Senior Security Architect - Cloud Azure & Data Fabric

fortice
1 hour ago
Contract
Not Specified
United Kingdom
£500 - £500 GBP daily

Senior Security Architect - Cloud Azure & Data Fabric

Remote

Inside iR35

Role Summary

The Security Architect is responsible for the comprehensive design, implementation, and governance of secure architectures across both cloud-native and hybrid enterprise environments. This role is centered on Microsoft Azure and advanced Data Fabric solutions, ensuring that all data platforms, integration layers, and cloud services are protected by robust, scalable, and compliant security controls.

The architect will lead the development of security reference architectures for Azure, including secure landing zones, network segmentation, and identity and access management using Azure Active Directory, RBAC, and Privileged Identity Management. The role encompasses the integration of Azure-native security tools such as Defender for Cloud, Sentinel, Key Vault, and managed identities, ensuring encryption of data at rest and in transit, and secure deployment of services like Azure Data Lake, Synapse Analytics, Databricks, and Cosmos DB.

For Data Fabric environments, the Security Architect will define and enforce security patterns for distributed data platforms, including Data Mesh, Master Data Management (MDM), Data Quality, and ETL/ELT pipelines. Responsibilities include implementing data lineage, classification, and access controls across hybrid and multi-cloud landscapes, and designing privacy, retention, and compliance frameworks aligned with regulations such as GDPR, ISO 27001, and NIST.

The role requires conducting risk assessments, threat modelling, and gap analysis for cloud and data platforms, aligning architectural decisions with regulatory requirements and enterprise security policies. The Security Architect will lead security reviews, audits, and remediation activities, embedding security into DevSecOps practices, CI/CD pipelines, and Infrastructure-as-Code (IaC) templates (ARM, Bicep, Terraform). Automation of security monitoring, alerting, and incident response using SIEM and SOAR platforms is a key responsibility.

Additionally, the Security Architect will advise business, IT, and data teams on secure solution design, risk mitigation strategies, and best practices for cloud migration, data modernization, and integration projects. The role is accountable for producing deliverables such as Azure Security Reference Architectures, Data Fabric Security Blueprints, security controls matrices, risk mitigation plans, compliance mappings, and operational security runbooks.

Key Responsibilities

  • Azure Security Architecture
    • Develop end-to-end security models for Azure (IaaS, PaaS, SaaS)
    • Design secure landing zones, network segmentation, and identity/access management (Azure AD, RBAC, Privileged Identity Management)
    • Implement Azure-native security controls: Defender for Cloud, Sentinel, Key Vault, managed identities, encryption-at-rest/in-transit
    • Oversee secure integration of Azure services (Data Lake, Synapse, Databricks, Cosmos DB, API Management)
  • Data Fabric Security
    • Define security patterns for distributed data platforms (Data Fabric, Data Mesh, MDM, DQ, ETL/ELT)
    • Implement data lineage, classification, and access controls across hybrid/multi-cloud
    • Design and enforce data privacy, retention, and compliance frameworks (GDPR, ISO 27001, NIST)
    • Integrate security controls with data pipelines, cataloging, and governance tools
  • Risk & Compliance
    • Conduct risk assessments, threat modelling, and gap analysis for cloud/data platforms
    • Align architecture with regulatory requirements and enterprise policies
    • Lead security reviews, audits, and remediation for Azure and Data Fabric solutions
  • DevSecOps & Automation
    • Embed security in CI/CD pipelines, IaC templates (ARM, Bicep, Terraform)
    • Automate security monitoring, alerting, and incident response (SIEM, SOAR)
    • Drive adoption of secure coding, vulnerability management, and patching practices
  • Stakeholder Engagement
    • Advise business, IT, and data teams on secure solution design and risk mitigation
    • Provide architectural guidance for cloud migration, data modernization, and integration projects

Required Certifications (Map)

Cloud & Azure Security

  • Microsoft Certified: Azure Solutions Architect Expert (AZ-305)
  • Microsoft Certified: Cybersecurity Architect Expert (SC-100)

General Security & Architecture

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Cloud Security Professional (CCSP)
  • ISO 27001 Lead Auditor/Lead Implementer

Good to have Addittional Certifications:

Data Privacy & Compliance

  • Certified Information Privacy Professional (CIPP/E or CIPP/US)
  • Certified Data Privacy Solutions Engineer (CDPSE)

Data Fabric & Data Platform

  • IBM Certified Solution Architect - Data Fabric

DevSecOps & Automation

  • Certified DevSecOps Professional
  • HashiCorp Certified: Terraform Associate

Preferred Skills & Experience

  • 11+ years in security architecture, cloud security, or data platform security roles
  • Hands-on experience with Azure security tools and services
  • Strong knowledge of data governance, privacy, and compliance frameworks
  • Experience with Data Fabric, Data Mesh, MDM, and distributed data platforms
  • Familiarity with DevSecOps, automation, and CI/CD security integration
  • Excellent communication, stakeholder management, and documentation skills

Typical Deliverables

  • Azure Security Reference Architecture
  • Data Fabric Security Blueprint
  • Security controls Matrix (cloud/data)
  • Risk assessment and mitigation plan
  • Compliance mapping (GDPR, ISO, NIST)
  • Security runbooks and operational procedures