Security Architect
Posted Today by Whitehall Resources
Negotiable
Inside
Remote
City of London, London
Summary: Whitehall Resources is seeking a Security Architect for a 6-month contract to define and govern enterprise cyber security architecture across various domains. The role focuses on strategic and architectural responsibilities rather than operational tasks, ensuring alignment with business and cyber strategies. The position is fully remote and classified as inside IR35.
Key Responsibilities:
- Shape forward-looking cyber architecture strategy and maintain Cyber Principals.
- Create sub-strategies and provide expert input into AI and digital governance forums.
- Define cyber security reference architectures and standards for cloud, enterprise IT, and OT.
- Act as a standing cyber architecture authority in design and investment forums.
- Lead and shape cyber input into the wider Enterprise Architecture function.
- Engage with internal stakeholders and strategic vendors for roadmap decisions.
- Sponsor and support security community activities and global mentoring.
Key Skills:
- Expertise in cyber security architecture and strategy.
- Experience with cloud security and enterprise IT standards.
- Strong governance and risk assessment skills.
- Ability to influence design decisions and engage with stakeholders.
- Leadership experience in enterprise architecture.
- Excellent communication and mentoring skills.
Salary (Rate): undetermined
City: City of London
Country: United Kingdom
Working Arrangements: remote
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Whitehall Resources require a Security Architect to work with a key client on a 6-month initial contract.
*Inside IR35.
*Fully remote.
Security Architect
Role Description:
Define, govern, and assure the enterprise cyber security architecture across business, IT, cloud, OT and emerging technology domains. Act as an Enterprise Architect for Cyber and a design authority for cyber security, ensuring that security controls, platforms and patterns are aligned to business strategy, Cyber Strategy, and Enterprise Architecture Principals.
The role is strategic and architectural, not operational. To translate business and risk demands into architectural direction, influence design decisions through governance forums, and work closely with the Enterprise Security Office (ESO), IT Architecture, OT, and third-party partners to ensure solutions are secure by design. Not to own BAU security operations or delivery. Instead, provide the guidance, and reference architectures and decision to support.
Core responsibilities:
1. Security Strategy
* Shape forward looking cyber architecture strategy (2025 Cyber Strategy).
* Maintain Cyber Principals in LeanIX and Confluence
* Maintain Capability to Application maps
* Create Sub strategies and thought leadership for cyber domains – AI identity, Exposure management, OT security, Human Identity, Micro Segmentation
* Provide expert input into AI and digital governance forums such as AI Governance Forums
* Act as a cyber adviser to programmes and individuals/ teams dealing with tactical and strategic technology decisions.
2. Cyber security architecture & standards:
* Maintain Application Portfolio Management for Cyber Security
* Define cyber security reference architectures and standards covering cloud, enterprise IT and OT, including security design patterns used across projects and programmes.
* Review and approve security architecture decisions through formal governance boards such as Infrastructure Design Authority, CRM Design Authority (Primarily focusing on Salesforce Security Scores)
* Drive Cloud security improvements following the Cloud Security Posture Assessment
3. Design governance & risk-based decision making:
* Act as a standing cyber architecture authority in design and investment forums including Solution Design Board and Demand and Investment Council.
* Provide architectural risk assessments and trade off decisions where security, delivery and cost intersect for PIDS and ADD Part I and Part II to ensure solutions align to standards and risk appetite.
4. Enterprise Architecture leadership:
* Lead and shape cyber input into the wider Enterprise Architecture function, including the EA team’s priorities and ways of working.
* Chair or actively contribute to internal EA sessions such as the Bi Weekly EA Team Meeting and weekly Team Connect
* Write White papers for thought leadership.
5. Cross functional and external engagement:
* Represent cyber architecture in cross domain forums spanning IT, OT and business technology.
* Engage with internal stakeholders providing early Security insight into planned projects and activity.
* Engage with strategic vendors and advisors to shape roadmap level decisions.
6. Community, awareness and professional leadership
* Sponsor and support security community activity such as Cyber Champions and Enterprise wide cyber engagement through the Cyber Safety Corner and Weekly quiz.
* Global mentoring through Mentor Match
Regular meetings:
* Governance & design assurance
* Architecture Review Board
* Solution Design Board
* Infrastructure Design Authority
* Enterprise Architecture leadership
* EA Bi Weekly Meetings
* Quarterly Architecure Debt review
* Monthly EA Feedback meetings
* EA Pre-read meetings
* Security & risk governance
* IWSG
* Weekly IT/OT Cyber security Alignment
* ESO Mgmt Meeting
* ESO All Hands
* Cyber security Project review meetings
* AI Governance Forum
* External and vendor engagement (as required)
* Monthly Account reviews
* Enquiry calls as needed
All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.
Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.