×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Network Security IT Consultant

Cyber Security - Security Architect

Job in Greater London, London, Greater London, W1B, England, UK
Listing for: LA International
Contract position
Listed on 2026-05-23
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Network Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 500 - 600 GBP Daily GBP 500.00 600.00 DAY
Job Description & How to Apply Below
Location: Greater London

Cyber Security - Security Architect

6 Month contract initially, based on up to 4 days per week onsite in London. Rate: £500-£600 per day via umbrella.

Key Responsibilities
  • Security Architecture Design – develop and maintain security architecture patterns, reference models, and technical standards aligned to CIS Controls v8.
  • CIS Controls Implementation – lead the deployment, tuning, and validation of CIS Safeguards across endpoints, networks, cloud platforms, and identity systems.
  • Risk & Gap Assessments – perform maturity assessments against CIS Controls, identify gaps, and propose prioritized remediation plans.
  • Security Engineering Collaboration – work closely with infrastructure, Dev Ops, and application teams to embed security‑by‑design principles.
  • Threat Modelling – conduct system‑level threat modelling and recommend control enhancements.
  • Security Tooling Integration – support integration of SIEM, EDR, IAM, vulnerability management, and configuration management tools to enforce CIS Controls.
  • Documentation & Standards – produce architecture diagrams, security standards, and implementation guides.
  • Stakeholder Communication – translate technical risks into business impact for leadership and project teams.
Key Skills & Experience
  • Experience – ideally 3-5 years in cybersecurity architecture and engineering.
  • Framework Expertise – deep, hands‑on experience implementing CIS Critical Security Controls in large‑scale enterprise environments (mandatory).
  • Proven experience in:
    • Zero Trust principles.
    • Network segmentation.
    • Identity and Access Management.
    • Endpoint security.
  • Cloud Fluency – demonstrated architectural design experience in secure cloud migrations and cloud‑native security practices, especially in Azure.
  • Hardening Standards – expert‑level knowledge of CIS Benchmarks for operating systems (Linux/Windows), cloud platforms, and network devices.
  • Communication – proven ability to bridge the gap between technical teams and business stakeholders, articulating security risks in plain language.
  • Senior Stakeholder Management – proficient and experienced in communication at executive levels within the organization, reports, PowerPoint, and presentation.
Preferred Technical Proficiency Requirements
  • Cloud &

    Infrastructure:
    • Cloud Security – expert knowledge of Azure (Blueprints, Policy).
    • Infrastructure as Code (IaC) – proficiency in Terraform, Ansible, or Bicep to enforce security configurations at scale (Git Ops approach).
    • Identity & Access Management (IAM) – deep understanding of Zero Trust Architecture (ZTA), RBAC/ABAC models, and integration with Enterprise IAM (Okta, Entra , Ping).
    • Operating System Hardening – hands‑on experience applying CIS Benchmarks to Linux (RHEL, Ubuntu, Alpine) and Windows Server environments using automated configuration management.
  • Security Operations & Tooling:
    • Vulnerability Management – experience with enterprise tools such as Tenable.io, Qualys, or Rapid7 to map findings directly to CIS Control 7.
    • EDR/XDR Integration – expert‑level deployment of tools (e.g., Crowd Strike, Sentinel One) to achieve full visibility across endpoints (CIS Control
      6).
    • SIEM/SOAR – experience designing log aggregation and automated response playbooks in platforms like Splunk, Microsoft Sentinel, or Google Chronicle to satisfy monitoring requirements (CIS Control
      8).
    • Asset Management – implementation of automated discovery tools (e.g., CMDB Lansweeper) to maintain a dynamic inventory of hardware and software (CIS Controls 1 &
      2).
  • Network & Endpoint Security:
    • Micro‑segmentation – expertise in network design (NSX, Illumio, or Cloud‑native security groups) to enforce granular traffic control (CIS Control 12).
    • Encryption – implementation of Data‑at‑Rest and Data‑in‑Transit standards (TLS 1.3, AES‑256, HSMs, and Key Management Systems).

We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience.

#J-18808-Ljbffr
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search