Security Architect

Posted 1 day ago by Eames Consulting

£95 Per hour
Outside
Hybrid
London Area, United Kingdom

Summary: We are seeking a highly experienced Security Architect to join a major insurance organization in London, focusing on a critical enterprise security transformation. The role requires a minimum of 5 years' experience in a Tier 1 insurance company, emphasizing the importance of security architecture within the insurance sector. The Security Architect will collaborate with various teams to design secure technology solutions aligned with business priorities and evolving threats. This position is pivotal in shaping security strategies and ensuring compliance with regulatory standards.

Key Responsibilities:

  • Define and maintain an enterprise security architecture strategy tailored for insurance-specific systems and data flows.
  • Work with IT delivery and change teams to ensure all business and IT solutions are designed with robust security controls embedded from the outset.
  • Apply industry-leading practices to protect sensitive insurance data including underwriting models, client PII, reinsurance structures, and financial transaction systems.
  • Drive architectural governance to ensure security policies, standards, and patterns are followed across digital, cloud, legacy, and third-party platforms.
  • Provide security architectural input into major insurance transformation programmes (e.g. policy administration, claims digitisation, cloud migration).
  • Act as a thought leader across cybersecurity and enterprise architecture forums, ensuring alignment with both technology roadmaps and risk appetite.
  • Collaborate with the Technology Risk team to assess and mitigate emerging risks impacting insurance-specific operations and regulatory compliance (e.g. FCA, PRA, Lloyd’s Minimum Standards).

Key Skills:

  • Minimum 5 years of experience working within a leading insurance company in a security architecture or equivalent senior cybersecurity role.
  • Demonstrable experience designing secure architectures for complex insurance platforms across applications, infrastructure, cloud, and third parties.
  • Strong grasp of insurance data models, digital workflows, and sector-specific regulatory requirements.
  • Excellent knowledge of security frameworks and methodologies (e.g. NIST, ISO 27001, OWASP).
  • Proficiency in security-by-design, cloud security (Azure/AWS), zero trust, and secure API design.
  • Strong interpersonal skills with the ability to communicate complex technical matters to senior business and IT stakeholders.
  • Relevant certifications highly desirable: CISSP, CISM, TOGAF, SABSA or similar.

Salary (Rate): £750 daily

City: London

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: outside IR35

Seniority Level: Senior

Industry: Insurance

Detailed Description From Employer:

Job Title: Security Architect

Location: London (Hybrid)

Contract: £750 per day | Outside IR35

Industry: Insurance

Company & Role Overview: We are seeking a highly experienced Security Architect to join a major insurance organisation in London. This is a critical role supporting a high-profile enterprise security transformation within a complex insurance environment. Candidates must have a minimum of 5 years' experience working within a Tier 1 insurance company, such as Lloyd's syndicates, global reinsurers, or large commercial insurance groups. This experience is essential for understanding the nuances of insurance sector architecture, regulatory expectations, and security-by-design across underwriting, claims, policy administration, and actuarial systems. Reporting into the Head of Architecture, and working closely with the Head of IT Risk and Cybersecurity, you will be instrumental in shaping secure technology solutions aligned with evolving threat landscapes and business priorities within the insurance sector.

Key Responsibilities:

  • Define and maintain an enterprise security architecture strategy tailored for insurance-specific systems and data flows.
  • Work with IT delivery and change teams to ensure all business and IT solutions are designed with robust security controls embedded from the outset.
  • Apply industry-leading practices to protect sensitive insurance data including underwriting models, client PII, reinsurance structures, and financial transaction systems.
  • Drive architectural governance to ensure security policies, standards, and patterns are followed across digital, cloud, legacy, and third-party platforms.
  • Provide security architectural input into major insurance transformation programmes (e.g. policy administration, claims digitisation, cloud migration).
  • Act as a thought leader across cybersecurity and enterprise architecture forums, ensuring alignment with both technology roadmaps and risk appetite.
  • Collaborate with the Technology Risk team to assess and mitigate emerging risks impacting insurance-specific operations and regulatory compliance (e.g. FCA, PRA, Lloyd’s Minimum Standards).

Required Experience & Skills:

  • Minimum 5 years of experience working within a leading insurance company in a security architecture or equivalent senior cybersecurity role.
  • Demonstrable experience designing secure architectures for complex insurance platforms across applications, infrastructure, cloud, and third parties.
  • Strong grasp of insurance data models, digital workflows, and sector-specific regulatory requirements.
  • Excellent knowledge of security frameworks and methodologies (e.g. NIST, ISO 27001, OWASP).
  • Proficiency in security-by-design, cloud security (Azure/AWS), zero trust, and secure API design.
  • Strong interpersonal skills with the ability to communicate complex technical matters to senior business and IT stakeholders.
  • Relevant certifications highly desirable: CISSP, CISM, TOGAF, SABSA or similar.

Key Attributes:

  • Collaborative and pragmatic, with the ability to balance risk, delivery, and architectural integrity.
  • Able to work independently while engaging across matrixed functions and teams.
  • Adept at managing ambiguity in large, complex, regulated organisations.
  • Focused on delivering security value that directly supports the insurance business’s strategic goals.

Contract Details:

  • Daily Rate: £750
  • IR35 Status: Outside IR35
  • Location: London-based (Hybrid working)
  • Duration: Initial 6 months with high likelihood of extension