Senior Application Security Architect
Posted 1 week ago by 1749116561
£825 Per day
Inside
Hybrid
Knutsford
Summary: The Senior Application Security Architect role involves defining and maintaining a current Security Architecture across key domains, ensuring alignment with project technology strategies, and producing architectural artifacts. The position requires collaboration with stakeholders to implement security capabilities and drive continuous learning in evolving technologies and regulatory trends. The architect will also engage with development teams to ensure adherence to security requirements and participate in security architecture reviews. This role is critical in identifying and addressing security design gaps while supporting complex engagements with security consultants.
Key Responsibilities:
- Define and maintain Security Architecture for key domains.
- Ensure architectural vision for all projects with defined component architecture.
- Produce architecture artifacts for regulatory queries and attestations.
- Map security tooling to operational capabilities.
- Review planned projects for alignment with technology/platform strategy.
- Provide input and ownership of architectural artifacts for project outcomes.
- Surveil emerging threats and technologies for innovation opportunities.
- Produce patterns for common business security needs.
- Support Security Consultants on complex engagements.
- Collaborate with stakeholders to implement security capabilities.
- Drive continuous learning around evolving technologies and security trends.
- Participate in security architecture reviews to identify design gaps.
- Engage with development teams on critical security requirements.
- Synthesize inputs for rapid architectural decisions.
- Identify and track key risks from design choices.
- Exhibit strong problem-solving capabilities and innovative solutions.
- Instil a focus on quality and security-first mentality.
- Maintain strong understanding of cyber-attack methods and defenses.
- Apply knowledge of the cyber security marketplace to solve challenges.
- Drive change and provide thought leadership.
- Communicate effectively with technical and non-technical audiences.
Key Skills:
- Advanced degree and/or relevant work experience in technical topics.
- Strong written and spoken communication skills.
- In-depth technical knowledge of cyber security.
- Understanding of continuous integration/continuous delivery methods.
- Ability to collaborate with stakeholders.
- Strong problem-solving capabilities.
- Ability to synthesize and distill key inputs.
- Knowledge of cyber-attack methods and defenses.
- Experience in security architecture reviews and governance.
- Ability to drive change and provide thought leadership.
Salary (Rate): £825 per day
City: Knutsford
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: Senior
Industry: IT
Role Title: Senior Application Security Architect
Duration: 6 Months
Location: Knutsford (2-3 Days Per Week)
Rate: £825 Per Day - Umbrella only
Would you like to join a global leader in consulting, technology services and digital transformation?
Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms.
Role purpose / summary
Ensure there is a current Security Architecture defined and maintained for key domains (e.g., Endpoint, Cloud, Network, etc.) which clearly outlines the security principles, requirements and capabilities required and how those are instantiated
Ensure there is an architectural vision for all projects that at minimum has a component architecture and high-level business process defined (including the product owner and operational team)
Ensure architecture artifacts allow to us to quickly answer and evidence routine regulatory queries and attestations
Ensure there is a fit for purpose set of Functional and Non-Functional Requirements for project technology deliveries
Map security tooling deployed in the estate (including non-standard environments and non-CISO managed technologies) to the capabilities it implements (not the set of product features - what is actually in use and operationalised)
Review all planned CEP projects have correctly aligned scope and technology/platform strategy
Provide input to and take ownership of relevant architectural artifacts that will be produced as part of CEP outcomes
Surveil emerging threats and emerging technologies to identify opportunities for targeted innovation exercises such Proof of Value evaluations
Produce patterns which outline solutions for commonly occurring business security needs and security service consumption
Validate patterns are adopted by control domain solutions
Support Security Consultants as required on complex engagements and provide architectural artifacts such as patterns and principles where necessary
General skills/expertise
Ability to collaborate with stakeholders to connect dots and achieve implementation and integration of security capabilities across the organisation
Understand, pioneer and drive continuous learning within the team around evolving technologies, security, and regulatory trends in domain area (e.g., Data Security, Application Security) and identify new opportunities to advance cyber security capabilities in response to them - always driving an outside-in mentality to learn from best in class
Participate in/contribute to security architecture reviews and governance to identify security design gaps in existing and proposed security projects and recommend approaches to resolve them
Engage with development teams to ensure they understand and adhere to critical security requirements across all business applications and drive developers toward preferred approaches for achieving those requirements when available
Able to synthesize and distil key inputs to make rapid and qualified architectural decisions
Able to identify, log, and track key risks arising because of design choices, where appropriate??
Exhibits strong problem-solving capabilities leveraging significant technical knowhow and wider team knowledge?
Can find innovative solutions to issues and achieve stakeholder buy-in?
Able to instil a focus on quality and security first mentality
Strong understanding of the methods and means of cyber-attacks and how to defend against them
In depth technical knowledge of cyber security and continuous integration/continuous delivery development methods
Knowledge of the cyber security marketplace and how to apply its capabilities to solve cyber challenges
Proven ability to drive change / provide thought leadership
Advanced degree and/or work experience in relevant technical topics
Strong written and spoken communications skills including the ability to develop effective messaging for technical, non-technical, and senior leadership audiences
All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!