Security Architect

Security Architect

Triad is seeking a Security Architect; you will play a critical role in designing, assuring, and delivering secure solutions across our client engagements. You will champion Secure by Design principles and lead threat modelling activities to ensure risks are identified and mitigated early in the lifecycle. Working closely with stakeholders, you will define security architectures, ensure compliance with relevant standards, and embed security best practices throughout delivery.

• Security Architecture Design – Develop and maintain secure architecture patterns, ensuring alignment with business and technical requirements.
• Secure by Design – Embed security into every stage of the solution lifecycle, ensuring systems are designed with security controls from the outset rather than retrofitted.
• Threat Modelling – Lead and facilitate threat modelling exercises (e.g., STRIDE), identifying vulnerabilities and defining mitigations early in delivery.
• Risk Assessment – Identify, assess, and mitigate security risks across systems, applications, and infrastructure.
• Security Assurance – Provide governance and assurance across projects, ensuring compliance with security standards and frameworks.
• Stakeholder Engagement – Collaborate with clients, delivery teams, and senior stakeholders to embed security into solution design.
• Standards & Compliance – Ensure adherence to industry standards such as ISO 27001, NIST, and government security policies.

• Experience working as a Security Architect or in a senior security role within complex environments.
• Strong practical experience applying Secure by Design principles in modern architectures.
• Hands‑on experience conducting threat modelling (e.g., STRIDE, attack trees) and risk analysis.
• Strong understanding of security frameworks and best practice such as ISO 27001, NIST, CIS, OWASP, NCSC guidance.
• Experience working in the UK Public Sector and associated security standards and guidance including Gov Assure/NCSC CAF, HMG Security Policy Framework.
• Knowledge of cloud security principles across platforms such as AWS, Azure, or GCP.
• Experience with identity and access management, encryption, network security, and secure application design including security tooling.
• Ability to communicate complex security concepts to both technical and non‑technical stakeholders.
• Experience supporting agile delivery teams.

• A degree or equivalent qualification related to the area you work in – desirable.
• Relevant certifications such as CISSP, CISM, TOGAF, or SABSA – desirable.
• Due to the nature of this position, you must be willing and eligible to achieve a minimum of SC clearance. To be eligible, you must have been a resident in the UK for a minimum of 5 years and have the right to work in the UK.

• Continuous Training & Development:
  Access to top‑rated Udemy Business courses.
• Work Environment:
  Collaborative, creative, and free from discrimination.

• 25 days of annual leave, plus bank holidays.
• Matched pension contributions (5%).
• Private healthcare with Bupa.
• Gym membership support or Lakeshore Fitness access.
• Perkbox membership.
• Cycle‑to‑work scheme.

Triad is an equal opportunities employer and welcomes applications from all suitably qualified people regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion, or belief. We are proud that our recruitment process has been recognised as inclusive and accessible to disabled people who meet the minimum criteria for any role. We are a signatory on the Tech Talent Charter that aims to bring industries and organisations together to drive greater inclusion and diversity in technology roles, in addition, as a Disability Confident Leader.