Lead Security Architect

Location: City of London, London
Salary: £80000 - £95000 per annum
Posted: 24 days ago
Contract Type: Permanent
Industry: Data & Technology, Cyber Security & Technology Risk
Contact Name: Alec Dewell
Contact Email:

Alec Dewell

Senior Consultant, UK

See more of Alec Dewell's jobs

Lead Security Architect

The role of the Lead Security Architect is the management of several Application and Cloud related Security Architecture projects. The Lead Security Architect will own the 3 year roadmap globally for the business and be seen as a subject matter expert on Application Security.

The Lead Security Architect may work across either the Enterprise, Technical, Data or Solutions Architecture disciplines. Focus is on Application & Database Security, Cryptography, Network Security and Information Security Architecture.

This is a chance for an experienced Lead Security Architect professional to join a well known global insurance brand with a huge amount on investment across the entire IT estate. Some key projects include; cloud migration, new underwriting platform and new web applications for claims management.

Lead Security Architect Responsibilities:

  • Work with CIO, Product Mangers, Portfolio Managers and Application Managers to ensure the architectural landscape is fully understood.
  • Defining and shaping the security roadmap with 1, 3 and 5yr plans where appropriate.
  • Providing ad-hoc reports, viewpoints and white papers to respond to management questions, project issues etc.
  • Working to integrate relevant teams (modelling, development, Ops etc) and ensure that solution designs are aligned across the business.
  • Performing strategic design reviews at key points of the project lifecycle to identify any risks or capability gaps that need addressing
  • Facilitating workshops with Technical and Business stakeholders to provide direction or drive issue resolution - providing analysis, distilling down to key decisions, and capturing next steps or plan for issue resolution

Lead Security Architect Skills:

  • Domain expertise in three or more areas:
    • Network Security (e.g. WAFs, Firewalls, Proxy, IDS/IPS, CASB)
    • Information Protection including classification, tagging, and Data Loss Protection
    • Identity & Access Management (incl. RBAC, recertification, federation, and MFA)
    • Malware detection
    • Endpoint security capability (e.g. posture check & isolation, device lockdown, etc.)
    • Cryptography (e.g. key & certificate management, hardware security modules, data encryption & rights management solutions)
    • Vulnerability management, risk management and threat intelligence
    • Application & Database Security (incl. SDLC, code scanning solutions, DB firewall & monitoring)
    • Security monitoring, correlation and operations
  • Be adept at identifying and addressing emerging domain trends and articulating considerations, impacts and future decisions
  • Proven experience using Information Security Frameworks (e.g. ISF, NIST, ISO) and use of Architecture development methods (e.g. TOGAF)
  • Previous experience of seeing Security Architecture direction and decision making through to Design, Implementation and Run/Operations.

For more information get in touch with Alec Dewell on 0203 861 9134 or

Similar Jobs