Job Description

Security Architect
Day Rate: £640 Inside IR35
Swindon
PCD300029

Role Overview
We are seeking an experienced Security Architect to join our Realtime Platforms team. You will ensure robust security controls across hybrid and multi-cloud environments for a leading financial services organisation, aligning with regulatory and compliance requirements. This role involves working on cutting-edge technologies including service mesh deployments and API security gateway for API security and integration, contributing to high-impact projects that protect sensitive data and digital assets.

Key Responsibilities
Develop and maintain security architecture for service mesh and containerised environments.
Conduct risk assessments and implement mitigation strategies.
Create threat models aligned with MITRE ATTACK & STRIDE frameworks.
Recommend controls and enforce best practices for APIs, microservices, and data flows.
Design and review secure API gateways using API security gateway.
Implement mTLS, RBAC, and zero-trust principles.
Configure and manage API security gateway for API security, encryption, authentication, and traffic mediation.
Collaborate with teams to integrate security measures and communicate risks to stakeholders.
Required Skills & Knowledge
Proven Security Architect experience in large, complex organisations, ideally in financial services (PCI compliance).
Hands-on experience with API security gateway, OAuth 2.0, JWT, TLS, WS-Security, and encryption standards.
Previous experience developing bespoke threat models using MITRE ATTACK & STRIDE.
Ability to design secure architectures for hybrid/multi-cloud environments.
Knowledge of zero-trust security models and microservices security.
Ability to assess security aspects of technical designs and provide constructive guidance.
Strong cryptography knowledge.
Experience in UK Financial Services or similar regulated industry.
Relevant qualification (or working towards) such as CISM or CISSP.
Familiarity with M&A processes and associated security challenges.
Proficiency in CI/CD tools (infrastructure-as-code tooling, Ansible, version-control tooling, source-control and CI/CD tooling).
Knowledge of PCI-DSS (including PCI-P), GDPR, and financial regulatory frameworks.
Excellent interpersonal, communication, and client-facing skills.