Security Architect (Service Mesh & IBM DataPower)

Our client, a leading global supplier of IT services, requires an experienced Security Architect to be based at their client's office in Swindon, UK.

This is a hybrid role, and you may be able to work some days remotely.

This is a 6+ month temporary contract to start ASAP.

Day rate: Competitive Market rate

Role description:

As a Security Architect focusing on the Realtime Platforms team, your primary responsibility will be to ensure robust security controls across hybrid and multi-cloud environments, aligning with regulatory and compliance requirements. This role requires deep expertise in service mesh technologies and IBM DataPower for API security and integration.

Key Responsibilities:

  • Develop and maintain security architecture for service mesh deployments across Kubernetes and containerised environments
  • Conduct thorough risk assessments to identify potential security threats and develop mitigation strategies
  • Create comprehensive threat models aligning with the MITRE ATT&CK & STRIDE frameworks
  • Recommend the best controls & mitigations for potential vulnerabilities
  • Design/review secure API gateways and integration patterns using IBM DataPower appliances
  • Define and enforce security policies, standards, and best practices for microservices, APIs, and data flows, ensuring compliance with financial regulations (e.g., PCI DSS, ISO 27001, GDPR)
  • Implement mTLS, RBAC, and zero-trust principles within service mesh frameworks
  • Configure and manage DataPower for API security, encryption, authentication (OAuth 2.0, JWT, WS-Security), and traffic mediation
  • Collaborate with cross-functional teams to integrate security measures seamlessly with downstream systems
  • Communicate security risks and strategies effectively to stakeholders, including executive leadership and IT teams

Key Requirements:

  • Proven experience as a Security Architect working in a large, complex organisation - ideally, this experience would be within a financially regulated enterprise (e.g., PCI compliance)
  • Hands-on experience with IBM DataPower for API security, integration, and policy enforcement
  • Familiarity with OAuth 2.0, JWT, TLS, WS-Security, and encryption standards
  • Previous relevant experience in developing bespoke Threat Models leveraging frameworks like MITRE ATT&CK & STRIDE
  • Proven ability to design secure architectures for hybrid/multi-cloud environments
  • Experience with zero-trust security models and microservices security
  • Be able to understand and assess the security elements of technical designs/solutions and have a proven ability to constructively challenge to deliver better business and security outcomes
  • Good knowledge of cryptography
  • Have a relevant professional qualification (or be working towards certification), such as CISM/CISSP
  • Familiarity with M&A processes and the unique security challenges they present
  • Proficiency in CI/CD automation tools (Terraform, Ansible, Git, Jenkins)
  • Knowledge/experience of PCI-DSS, including PCI-P qualification
  • Knowledge/experience of data privacy and GDPR
  • Experience with regulatory compliance frameworks specific to financial organisations
  • Excellent interpersonal and communication skills

Due to the volume of applications received, unfortunately we cannot respond to everyone.

If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.

Company
Project Recruit
Location
Swindon, Wiltshire, United Kingdom SN256
Employment Type
Contract
Salary
GBP Annual
Posted