Security Architect

We have an exciting opportunity for a proactive and technical Security Consultant (Architect) to join our Information Security team.

You will play a crucial role in ensuring the confidentiality, integrity, and availability of our organisational information assets. Join our team if you have a thorough understanding of information security principles and a passion for designing and implementing robust security measures.

The role will be based at our Bournemouth office on a hybrid working pattern.

Key Responsibilities

Security Architecture:

• Lead the design and development of secure enterprise systems, networks, and solutions, ensuring alignment with organisational risk appetite, industry standards, and regulatory requirements.

• Collaborate with enterprise and technical architects to maintain and evolve comprehensive security architecture documentation and design effective security controls.

• Serve as the security representative on governance boards and committees as designated by the Head of Information Security.

• Support specialist testing initiatives such as red team engagements and advanced threat simulations, including scoping, execution, and review.

• Continuously develop professional knowledge and expertise, staying abreast of emerging security trends, technologies, and best practices.

Security Policies and Procedures:

• Develop and maintain information security policies, standards, and procedures, ensuring clear communication and integration across the organisation to ensure a robust and cohesive security posture.

• Collaborate with business and technical teams to embed security requirements and best practices into enterprise processes and solution designs.

Technology Evaluation:

• Evaluate emerging technologies, tools and architectural approaches to strengthen security capabilities, and articulate the business value of new security controls investments.

• Partner with IT and business stakeholders to integrate security requirements into technology selection, solution design, and implementation.

About You

Demonstrable expertise and practical experience in the following areas:

• Define and document security requirements

• Perform security architecture assurance activities, evaluate solution designs against Information Security Management System (ISMS) controls, regulatory obligations (e.g. FCA, PRA, EBA), and internal security standards

• Design and advise on secure application and system development practices, including adherence to OWASP principles, secure coding standards, and secure configuration baselines relevant to financial services

• Architect and integrate secure systems, with a focus on strong authentication, authorisation, encryption, and access control, especially for systems processing sensitive financial data

• Provide security consultancy and architectural guidance to business and technology projects, ensuring alignment with financial industry threat landscapes, compliance obligations, and business objectives

• Apply architectural frameworks, techniques, and methodologies such as the NIST Cybersecurity Framework, NIST SP 800-53, ISO 27001/2, CIS Controls, and financial services regulatory guidance

• Develop and maintain technical security policies, standards tailored for financial services operations

• Experience in one or more architectural domains, including application architecture, middleware, infrastructure, or enterprise architecture, particularly in financial contexts

• Strong working knowledge of securing cloud services and environments (SaaS, PaaS, IaaS), including considerations for financial regulatory compliance, data residency, and third-party risk management

• Excellent skills in communication, negotiation, and stakeholder engagement, with the ability to translate complex technical concepts into clear, business-focused language for financial services audiences

• Demonstrated pragmatism and business acumen, balancing security requirements with innovation, customer experience, and regulatory demands in the financial sector

Desirable

• Professional security certifications relevant to architecture and the financial sector, such as CISSP, ISSAP, CISM, or…