Role: Security Architect
Contract Length: 9 months
Location: Hybrid/London, Bristol or Manchester - Time on site on a weekly basis is expected
IR35: Inside
Pay Rate to Intermediary: Market Rate
Security Clearance: BPSS
Spinwell is recruiting for a Security Architect for an excellent opportunity within the public sector.
RESPONSIBILITIES OF THE SECURITY ARCHITECT
- Design and work to continuously improve the security of our platforms and services
- Develop and communicate meaningful security policies
- Prioritise and deliver recommendations and improvements in response to incident reviews
- Advocate for a risk based, outcome driven view of secure architecture
- Identify and promote best practices for multidisciplinary teams to deliver robust, resilient, secure and scalable solutions
- Facilitate team meetings, sizing and planning meetings, and incident reviews
- Ensure the team has good processes in place
- Communicate concerns, risks and issues with the broader team and senior management
- Set an example for and encourage positive and constructive communication both within the team and when communicating with other teams
- Cultivate and maintain relationships with other security teams within client and the rest of government
- Coach developers and other colleagues
SKILLS/EXPERIENCE OF THE SECURITY ARCHITECT
- Have a deep understanding and extensive experience in security-specific technologies and systems
- Are exploring and identifying security options tailored to complex enterprise solutions, while assessing the risks associated with proposed changes
- Are designing the security posture for federated, decoupled, and complex systemsin cloud environments (AWS)
- Have experience with network and boundary protection technologies, such as firewalls, gateways, antivirus solutions, and cross-domain systems
- Have excellent understanding and experience in authentication and authorization technologies (e.g., SAML, AD, LDAP, OIDC, OAuth 2.0, Federated IdPs, RBAC/ABAC, SSO), as well as cryptographic frameworks and protocols (e.g., PKI, digital signatures, TLS/mTLS, and encryption algorithms)
- Able to perform threat models for strategic application systems, identify security design flaws and technology weaknesses, and define security design requirements to address cyber threats
- Have knowledge of securing container orchestration platforms (e.g., EKS, Kubernetes RBAC, network policies, Docker)
- Have knowledge of DLP (Data Loss Prevention) solutions
- Have knowledge of security frameworks and best practices (e.g., NIST, ISO 27001, CIS, NCSC,OWASP Web, API security)
- Have knowledge of SIEM tools and real-time threat detection systems
If you are a Security Architect, apply now or send your CV to Spinwell!
We welcome all applications regardless of background, in line with our commitment to diversity, equality and inclusion.
Applying to this or any other vacancy advertised by Spinwell Ltd constitutes an agreement for Spinwell Ltd to hold your details for 24 months for the purpose of assessing suitability for the advertised position and to make you aware of any other positions deemed suitable of which You will make you aware by means of either email, text or phone. In line with GDPR regulations you are able to request your details be removed from the company data at any time by emailing us