Security Architect (financial services)

Posted 18 July 2025
Salary Competitive
Location London
Job type Contract
Discipline Cyber Security
Reference 74059
Remote working Hybrid/Flexible

Job description

Security Architect

Start: ASAP
Duration: 6-12 months
Location: Reading, Berkshire (3-4 days on site per week)
Pay: INSIDE IR35, up to £775 / day

We are seeking a highly experienced Security Architect to lead the design and assurance of robust, scalable, and compliant cloud security solutions within the financial services sector. This is a pivotal role supporting the delivery of complex transformation programmes for a major European client operating in a highly regulated environment.


Key Responsibilities:
- Define and evolve cloud security architecture strategy aligned to business and European regulatory requirements (e.g., DORA, NIS2, GDPR).
- Serve as a trusted advisor to leadership and technical teams on security best practices.
- Develop and enforce security standards and reference architectures for hybrid and cloud-native systems.
- Lead threat modelling, architecture reviews, and risk assessments across cloud platforms.
- Ensure compliance with regulatory frameworks (PSD2, ISO 27001, PCI DSS, NIST CSF, CSA CCM).
- Integrate security into CI/CD and Infrastructure-as-Code workflows (DevSecOps).
- Design and guide implementation of secure cloud infrastructure and services.
- Champion Zero Trust and secure-by-design principles across the SDLC.
- Evaluate, select, and integrate security technologies (e.g., CSPM, CWPP, SIEM).
- Mentor engineers and contribute to security capability uplift across teams.

Required Experience & Skills:
- 15+ years in Information Security, with at least 7 years in Security Architecture.
- Proven track record in Cloud Security Architecture for large-scale enterprise environments.
- Deep domain knowledge in financial services and related European regulations (e.g., DORA, PSD2).
- Hands-on expertise across IAM, network, application, data, and container security.
- DevSecOps experience and strong understanding of CI/CD and cloud-native tooling.
- Familiarity with multi-cloud security architecture (AWS, Azure, GCP).
- Strong communication, strategic thinking, and stakeholder engagement skills.
- Relevant certifications (e.g., CISSP, CCSP, AWS Security, TOGAF) highly desirable.