Security Architect

Summary: The Security Architect role involves developing secure architecture designs for container platforms and strengthening security controls across virtualization technologies. The position requires active security clearance and entails conducting security assessments, embedding security controls within CI/CD pipelines, and engaging with stakeholders to influence architectural decisions. The role is primarily remote with occasional on-site work in Bristol and is outside IR35.

Key Responsibilities:

• Develop secure architecture designs for container platforms (e.g., Kubernetes, OpenShift, Docker).
• Architect and strengthen security controls across virtualization technologies, including VMware, Hyper-V, and cloud-native virtualization frameworks.
• Produce high-quality HLDs/LLDs, security patterns, and architectural governance artifacts.
• Ensure designs align with NCSC guidance, industry best practices (e.g., CIS Benchmarks), and organizational policy.
• Conduct security assessments and threat modeling against containerized and virtualized workloads.
• Validate platform configurations against security baselines, compliance frameworks, and risk appetite.
• Provide expert guidance during project delivery to ensure security by design principles are followed.
• Support accreditation activities and ensure all architectural documentation meets government standards.
• Embed security controls within CI/CD pipelines.
• Advise on secure container image lifecycle management (build, scan, deploy, retire).
• Evaluate and implement tools for container security scanning, runtime protection, and secrets management.
• Define security controls for ingress/egress, service mesh, and inter-container communications.
• Work closely with engineering, infrastructure, and security operations teams.
• Act as SME for containerization and virtualization security.
• Communicate complex technical concepts to both technical and non-technical stakeholders.
• Influence and guide senior leadership on architectural decisions and risk.

Key Skills:

• Active SC Clearance (minimum).
• Proven track record as a Security Architect in large-scale or secure environments.
• Deep technical knowledge of Kubernetes, Docker, and container orchestration platforms.
• Virtualization platforms such as VMware vSphere/ESXi, Hyper-V, or KVM.
• Cloud platforms (AWS, Azure, GCP) and container services (AKS/EKS/GKE).
• Strong understanding of network and infrastructure security, Zero Trust principles, IAM, secrets management, workload isolation, and micro-segmentation.
• Knowledge of security standards and frameworks: NIST, ISO 27001, CIS Benchmarks, NCSC Cloud Security Principles, Government Security Classifications Policy.
• Experience with OpenShift or enterprise Kubernetes distributions.
• Hands-on security tooling (Falco, Istio, Calico, etc.).
• Experience with SAST/DAST, SBOMs, and software supply chain security.
• Familiarity with automation tooling (Terraform, Ansible, Helm).
• Certifications such as CCSK / CCSP, CISSP, CISM, Kubernetes Security Specialist (CKS), VMware security-related certifications.

Salary (Rate): £600 daily

City: Bristol

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT