Negotiable
Undetermined
Hybrid
Leeds, UK
Summary: The Financial Services Security Architect role involves leading the design and implementation of security architectures within cloud environments for a financial services client. This hybrid position requires extensive experience in security architecture, particularly in regulated financial domains, and a strong understanding of compliance requirements. The role emphasizes strategic leadership, solution design, risk management, and the integration of security into development processes. The contract is temporary, lasting over six months, and is based in Leeds, UK.
Key Responsibilities:
- Define, evangelise, and evolve the overall cloud security architecture strategy and roadmap, aligning with business objectives, relevant European regulatory requirements, and industry best practices
- Act as a trusted security advisor to senior leadership, engineering teams, and business units on all aspects of cloud security
- Lead the development and implementation of security architectural standards, patterns, and guidelines for cloud-native and hybrid-cloud deployments
- Provide expert security architecture guidance for critical enterprise applications, infrastructure, and data platforms, with a strong focus on secure-by-design principles
- Conduct comprehensive security architecture reviews of high-level and low-level designs, identifying risks, proposing effective controls, and ensuring adherence to security policies
- Drive the selection and integration of security technologies and services within cloud ecosystems
- Lead threat modeling, risk assessments, and security posture management across cloud environments
- Ensure architectural designs meet stringent regulatory compliance requirements relevant to the financial industry in Europe
- Develop and implement security controls that align with frameworks like NIST CSF, ISO 27001, PCI DSS, and CSA CCM
- Champion the integration of security into the entire SDLC, promoting automated security testing, continuous compliance, and secure configuration management
- Design secure CI/CD pipelines and infrastructure as code templates
Key Skills:
- 15+ years of progressive experience in Information Security, with a significant focus on Security Architecture
- 5+ years of hands-on experience specifically in Cloud Security Architecture for enterprise-scale deployments across at least one major public cloud provider
- Deep expertise in financial services domain security, including understanding of common threats and European regulatory requirements
- Ability to understand KYC processes and security controls needed to build applications for payment processing
- Extensive knowledge of security architecture principles for Identity & Access Management, Network Security, Data Security, Application Security, Container Security, and Security Information and Event Management
- Proven experience with DevSecOps methodologies and securing CI/CD pipelines
- Strong understanding of security frameworks such as NIST CSF, ISO 27001, CSA CCM
- Hands-on experience with security tools and technologies for vulnerability management and cloud security posture management
- Relevant industry certifications are highly desirable
- Exceptional Communication skills
- Strategic Thinking & Vision
- Problem-Solving & Analytical Prowess
- Collaboration & Teamwork
- Leadership & Mentorship
- Adaptability & Resilience
- Attention to Detail
Salary (Rate): undetermined
City: Leeds
Country: UK
Working Arrangements: hybrid
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Detailed Description From Employer:
Financial Services Security Architect
Our client, a leading global supplier of IT services, requires an experienced Financial Services Security Architect to be based at their client's office in Leeds, UK.
This is a hybrid role - you can work remotely in the UK and attend the Leeds office 4 days per week.
This is a 6+ month temporary contract to start ASAP.
Day rate: Competitive Market rate
Our client is looking for an exceptionally seasoned Security Architect with over 15 years of progressive experience, including extensive leadership in designing and implementing robust security architectures, particularly within large-scale cloud environments and the highly regulated financial domain. This role demands a deep understanding of complex security challenges, a proven track record of strategic influence, and the ability to translate business requirements into secure, scalable, and compliant technical solutions.
Key Responsibilities
Strategic Security Leadership:
- Define, evangelise, and evolve the overall cloud security architecture strategy and roadmap, aligning with business objectives, relevant European regulatory requirements (e.g., GDPR, DORA, PSD2, NIS2 Directive), and industry best practices
- Act as a trusted security advisor to senior leadership, engineering teams, and business units on all aspects of cloud security
- Lead the development and implementation of security architectural standards, patterns, and guidelines for cloud-native and hybrid-cloud deployments
Solution Design & Assurance:
- Provide expert security architecture guidance for critical enterprise applications, infrastructure, and data platforms, with a strong focus on secure-by-design principles
- Conduct comprehensive security architecture reviews of high-level and low-level designs, identifying risks, proposing effective controls, and ensuring adherence to security policies
- Drive the selection and integration of security technologies and services within cloud ecosystems (AWS, Azure, GCP preferred)
Risk & Compliance Management:
- Lead threat modeling, risk assessments, and security posture management across cloud environments
- Ensure architectural designs meet stringent regulatory compliance requirements relevant to the financial industry in Europe (e.g., data residency, privacy, operational resilience)
- Develop and implement security controls that align with frameworks like NIST CSF, ISO 27001, PCI DSS, and CSA CCM
DevSecOps & Automation:
- Champion the integration of security into the entire SDLC (DevSecOps), promoting automated security testing, continuous compliance, and secure configuration management
- Design secure CI/CD pipelines and infrastructure as code (IaC) templates
Key Requirements
Essential Skills:
- 15+ years of progressive experience in Information Security, with a significant focus (minimum 7-8 years) on Security Architecture
- 5+ years of hands-on experience specifically in Cloud Security Architecture for enterprise-scale deployments across at least one major public cloud provider (AWS, Azure, or GCP). Multi-cloud experience is highly preferred
- Deep expertise in financial services domain security, including understanding of common threats, European regulatory requirements (e.g., PSD2, DORA, EBA guidelines), and data privacy mandates (GDPR)
- Mandatory: Ability to understand KYC processes and security controls needed to build applications for payment processing and protecting customer data. Know-how of regulatory controls in the payment processing industry (FinTech)
- Extensive knowledge of security architecture principles for:
  - Identity & Access Management (IAM) in cloud (e.g., AWS IAM, Azure AD, GCP IAM)
  - Network Security (VPCs, firewalls, WAFs, micro-segmentation, private connectivity)
  - Data Security (encryption at rest/in transit, KMS, data classification, DLP)
  - Application Security (secure coding, API security, SAST/DAST, WAF integration)
  - Container Security (Kubernetes, Docker, service mesh)
  - Security Information and Event Management (SIEM) and logging strategies
- Zero Trust Architecture principles
- Proven experience with DevSecOps methodologies and securing CI/CD pipelines
- Strong understanding of security frameworks such as NIST CSF, ISO 27001, CSA CCM, and experience in translating these into practical architectural designs
- Hands-on experience with security tools and technologies for vulnerability management, secrets management, cloud security posture management (CSPM), and cloud workload protection platforms (CWPP)
- Relevant industry certifications are highly desirable (e.g., TOGAF, CISSP, CCSP, AWS Certified Security - Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer)
Desirable Skills:
- Exceptional Communication: Ability to articulate complex security concepts clearly and concisely to technical teams, senior management, and non-technical stakeholders (both written and verbal)
- Strategic Thinking & Vision: Capability to foresee future security challenges and proactively develop long-term architectural solutions
- Problem-Solving & Analytical Prowess: Strong ability to diagnose complex security issues, identify root causes, and devise innovative, practical solutions
- Collaboration & Teamwork: A strong team player who can work effectively with cross-functional teams (development, operations, compliance, audit)
- Leadership & Mentorship: Demonstrated ability to lead security initiatives, guide junior team members, and foster a culture of continuous learning
- Adaptability & Resilience: Ability to thrive in a fast-paced, evolving environment and navigate ambiguity with a positive and proactive approach
- Attention to Detail: Meticulous approach to design and review, ensuring no critical security gaps
Due to the volume of applications received, unfortunately we cannot respond to everyone.
If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
Please do keep an eye on our website for future roles.