Enterprise Security Architect

Role Title: Security Enterprise Architect

Duration: contract to run until 31/12/2025

Location: Remote, occasional travel to the London Office for meetings

Rate: up to £441.60 p/d Umbrella inside IR35

Role purpose/summary

We are seeking an experienced Enterprise Architect to join our dynamic team and play a pivotal role in shaping the technical strategy of our organization. The ideal candidate will possess a minimum of three years' experience in enterprise architecture, with a robust foundational understanding of Public Key Infrastructure (PKI), application development, and certificate usage. This position requires a well-rounded knowledge of security tooling, identity and access management (IAM) technologies, and a proven track record in designing and implementing scalable, secure architectures. The successful candidate will collaborate closely with application development teams to identify use cases and integration approaches, while also contributing to the creation of reusable design patterns, High-Level Designs (HLDs), and Low-Level Designs (LLDs).

Key Skills/requirements

• Enterprise Architecture Development: Develop, maintain, and document PKI use cases for implementation onto a CyberArk/Venafi PKI platform.
• Security and PKI Expertise: Leverage knowledge of PKI, certificate management, and cryptographic protocols to design secure systems and guide application teams in the effective use of digital identities and certificates.
• Collaboration and Integration: Work closely with cross-functional application development teams to understand business and technical requirements of PKI certificates, identify integration use cases, and recommend best-fit architectural solutions.
• Design Patterns and Documentation: Create and maintain standardized design patterns, HLDs, and LLDs to promote architectural consistency and reusability across solutions.
• Security Tooling and IAM: Advise on the selection, implementation, and operation of security tools and IAM technologies. Ensure robust solutions for authentication, authorization, and identity life cycle management.
• Governance and Best Practices: Define and enforce architectural standards, policies, and best practices. Review projects and designs to ensure compliance with security and architectural requirements.
• Stakeholder Engagement: Serve as a trusted advisor to business and technical stakeholders, translating complex technical concepts into clear, actionable guidance.
• Continuous Improvement: Proactively research, evaluate, and recommend emerging technologies, industry trends, and standards to enhance architectural capabilities.
• Mentorship: Provide guidance and mentorship to junior architects, engineers, and developers to foster knowledge sharing and best practices across teams.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field; Master's degree preferred.
• Minimum of 3 years of experience as an enterprise architect or in a closely related architectural role.
• Strong foundational understanding of PKI infrastructure, certificate life cycle management, and secure key management practices.
• Hands-on experience with application development and deployment in enterprise environments (eg, Java, .NET, Python, or similar platforms).
• Demonstrated knowledge of certificate usage within enterprise systems, including TLS/SSL, code signing, S/MIME, and endpoint authentication.
• Well-rounded expertise in security tooling, such as SIEM, vulnerability management, EDR/XDR, DLP, and network security appliances.
• Comprehensive understanding of IAM technologies and concepts, including single sign-on (SSO), multi-factor authentication (MFA), federated identity, provisioning, and access governance.
• Proven experience creating architectural deliverables, including design patterns, HLDs, and LLDs for large-scale, enterprise-grade solutions.
• Excellent communication and interpersonal skills, with the ability to interact effectively with developers, security teams, and business stakeholders.
• Strong problem-solving abilities, analytical thinking, and an aptitude for balancing security, usability, and performance considerations.

Desired Qualifications:

• Relevant industry certifications such as TOGAF, SABSA, CISSP, CCSP, AWS/Azure Architect, or similar.
• Experience with cloud security architectures (AWS, Azure, GCP) and hybrid on-premises/cloud environments.
• Familiarity with DevSecOps, CI/CD pipelines, and secure software development life cycle (SDLC) practices.
• Background in regulatory compliance frameworks (eg, GDPR, HIPAA, PCI-DSS, ISO 27001).
• Experience with containerization technologies (Kubernetes, Docker) and microservices architectures.
• Exposure to Zero Trust security models and modern authentication frameworks (OAuth2, OpenID Connect, SAML).

Core Competencies:

• Strategic Thinking: Ability to see the big picture and develop long-term, scalable architectural strategies that align with organizational priorities.
• Technical Leadership: Demonstrated expertise in leading complex projects and guiding teams through architectural challenges.
• Adaptability: Flexibility to adapt to changing business needs, technologies, and priorities in a fast-paced enterprise environment.
• Team Collaboration: Proven success working collaboratively across diverse technical and business teams.
• Documentation: Skill in producing crisp, comprehensive, and accessible architectural documentation for a range of audiences.

Key Focus Areas:

• Partnering with application development teams to gather requirements, define integration approaches, and ensure security by design.
• Identifying opportunities for architectural improvement and standardization across projects and business units.
• Establishing and advocating for design patterns that address common integration and security challenges.
• Facilitating architecture review boards and contributing to architectural governance processes.
• Supporting incident response and troubleshooting complex integration or security issues when escalated.

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!