Security Architect

Security Architect

Location: Swindon (Hybrid)
Contract Duration: 6 Months
Start Date: ASAP
Day Rate: £531.25 Inside IR35

Role Overview

We are seeking an experienced Security Architect to join our Realtime Platforms team. You will ensure robust security controls across hybrid and multi-cloud environments for a leading financial services organisation, aligning with regulatory and compliance requirements. This role involves working on cutting-edge technologies including service mesh deployments and IBM DataPower for API security and integration, contributing to high-impact projects that protect sensitive data and digital assets.

Key Responsibilities

• Develop and maintain security architecture for service mesh and containerised environments.
• Conduct risk assessments and implement mitigation strategies.
• Create threat models aligned with MITRE ATTACK & STRIDE frameworks.
• Recommend controls and enforce best practices for APIs, microservices, and data flows.
• Design and review secure API gateways using IBM DataPower.
• Implement mTLS, RBAC, and zero-trust principles.
• Configure and manage IBM DataPower for API security, encryption, authentication, and traffic mediation.
• Collaborate with teams to integrate security measures and communicate risks to stakeholders.

Required Skills & Knowledge

• Proven Security Architect experience in large, complex organisations, ideally in financial services (PCI compliance).
• Hands-on experience with IBM DataPower, OAuth 2.0, JWT, TLS, WS-Security, and encryption standards.
• Previous experience developing bespoke threat models using MITRE ATTACK & STRIDE.
• Ability to design secure architectures for hybrid/multi-cloud environments.
• Knowledge of zero-trust security models and microservices security.
• Ability to assess security aspects of technical designs and provide constructive guidance.
• Strong cryptography knowledge.
• Experience in UK Financial Services or similar regulated industry.
• Relevant qualification (or working towards) such as CISM or CISSP.
• Familiarity with M&A processes and associated security challenges.
• Proficiency in CI/CD tools (Terraform, Ansible, Git, Jenkins).
• Knowledge of PCI-DSS (including PCI-P), GDPR, and financial regulatory frameworks.
• Excellent interpersonal, communication, and client-facing skills.
• Assertive, collaborative, and able to lead or support teams effectively.