Security Architect
Posted 25 days ago
- London, Greater London
- Any
- External
- Expires In 2 months
We are partnered with a reputable global consultancy that are recruiting SECURITY ARCHITECTS to work on a very exciting LONG-TERM CONTRACT within the financial service sector.
Role: Security Architect (Data Solutions)
Rate: Up to £500 per day (inside IR35)
Location: Swindon / London Hybrid (2 days onsite)
Duration: 6 months (initially view to extend)
Role Description:
As a Security Architect within the internal integrations team, you will play a crucial role in ensuring the security and integrity of systems related to service mesh, container platforms, and data solutions. Your responsibilities will involve designing, implementing, and maintaining robust security measures to protect sensitive data, prevent unauthorized access, and mitigate risks.
Key responsibilities:
Collaborate with development and operations teams to design secure and scalable architectures for containerized applications, data mesh, and Kafka.
Assess and implement security controls for container platforms (e.g., Kubernetes, Docker).
Define and enforce container image security practices, including vulnerability scanning, image signing, and runtime security.
Understand and work with service mesh technologies & Implement mTLS (mutual Transport Layer Security) for service-to-service communication.
Secure data mesh components, including data lakes, data warehouses, and data pipelines.
Implement encryption, access controls, and auditing for Kafka topics and data streams & monitor anomalies in clusters.
Produce Detailed Threat models after reviewing technical design documents.
Design and implement authentication mechanisms (e.g., OAuth, JWT) for APIs and services.
Key skills:
Should have proven experience as a Security Architect working in a large, complex organization. Ideally, this experience would be within a financially regulated enterprise (e.g., PCI compliance).
Previous exposure & relevant knowledge of service mesh, container platforms, and data solutions like Kafka is essential.
Previous exposure to risks related to data exposure, privilege escalation, and denial-of-service attacks.
Relevant experience in securing service mesh & container platforms implementations is essential.
Be able to understand and assess the security elements of technical designs / solutions and have a proven ability to constructively challenge to deliver better business and security outcomes;
Good grasp of application security issues, knowing XSS vs SSRF for example. Know their way around OWASP T10 + API etc
Good knowledge of cryptography
Able to keep up with conversations around common CI/CD topics
Person Specification:
Previous experience in working in UK Financial Services or similar highly regulated industry;
Have a relevant professional qualification (or be working towards certification), such as Security+ / Network+ / CISM / CISSP.
Knowledge / experience of PCI-DSS, including PCI-P qualification;
Knowledge / experience of Data privacy and GDPR;
Grasp of what constitutes general best practice approach for this type of organisation (large financial)
CISM, CISSP certification preferred
Excellent interpersonal and communication skills.
Ability to work independently and collaboratively within a team.
If you are interested and have the relevant experience, please apply promptly and we will contact you to discuss it further.
Yilmaz Moore
Senior Delivery Consultant
London | Bristol | Amsterdam
ADZN1_UKTJ
Role: Security Architect (Data Solutions)
Rate: Up to £500 per day (inside IR35)
Location: Swindon / London Hybrid (2 days onsite)
Duration: 6 months (initially view to extend)
Role Description:
As a Security Architect within the internal integrations team, you will play a crucial role in ensuring the security and integrity of systems related to service mesh, container platforms, and data solutions. Your responsibilities will involve designing, implementing, and maintaining robust security measures to protect sensitive data, prevent unauthorized access, and mitigate risks.
Key responsibilities:
Collaborate with development and operations teams to design secure and scalable architectures for containerized applications, data mesh, and Kafka.
Assess and implement security controls for container platforms (e.g., Kubernetes, Docker).
Define and enforce container image security practices, including vulnerability scanning, image signing, and runtime security.
Understand and work with service mesh technologies & Implement mTLS (mutual Transport Layer Security) for service-to-service communication.
Secure data mesh components, including data lakes, data warehouses, and data pipelines.
Implement encryption, access controls, and auditing for Kafka topics and data streams & monitor anomalies in clusters.
Produce Detailed Threat models after reviewing technical design documents.
Design and implement authentication mechanisms (e.g., OAuth, JWT) for APIs and services.
Key skills:
Should have proven experience as a Security Architect working in a large, complex organization. Ideally, this experience would be within a financially regulated enterprise (e.g., PCI compliance).
Previous exposure & relevant knowledge of service mesh, container platforms, and data solutions like Kafka is essential.
Previous exposure to risks related to data exposure, privilege escalation, and denial-of-service attacks.
Relevant experience in securing service mesh & container platforms implementations is essential.
Be able to understand and assess the security elements of technical designs / solutions and have a proven ability to constructively challenge to deliver better business and security outcomes;
Good grasp of application security issues, knowing XSS vs SSRF for example. Know their way around OWASP T10 + API etc
Good knowledge of cryptography
Able to keep up with conversations around common CI/CD topics
Person Specification:
Previous experience in working in UK Financial Services or similar highly regulated industry;
Have a relevant professional qualification (or be working towards certification), such as Security+ / Network+ / CISM / CISSP.
Knowledge / experience of PCI-DSS, including PCI-P qualification;
Knowledge / experience of Data privacy and GDPR;
Grasp of what constitutes general best practice approach for this type of organisation (large financial)
CISM, CISSP certification preferred
Excellent interpersonal and communication skills.
Ability to work independently and collaboratively within a team.
If you are interested and have the relevant experience, please apply promptly and we will contact you to discuss it further.
Yilmaz Moore
Senior Delivery Consultant
London | Bristol | Amsterdam
ADZN1_UKTJ
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
