Senior Security Architect

£85,000 | Manchester | Permanent

Posted +1 month ago


Senior Security Architect

Our client is a leading global asset manager responsible for over £647bn in assets under management. Some of their clientele include pension funds, corporates, insurers, sovereign wealth funds, and other financial institutions. The business is currently undertaking a major transformation programme which includes significant change to the technology platform and organisation structure.

They are looking for a Senior Security Architect to join our client in their new Tech Hub in the heart of Manchester. This strategic Manchester-focused initiative is being set up with a mission to digitise the investment process and will be critical to the technology transformation (particularly around the public cloud, specifically Azure ). It's an exciting opportunity to join at the beginning, with their continued growth enabling them to keep up with the demand for innovative technical solutions to meet the needs of the growing business.

The role will form part of the Security Architecture, Engineering and Governance team, responsible for:

* Transforming the application estate into a service-based architecture, based on a modern Microsoft Tech Stack, hosted in Azure.
* All aspects of security architecture and design.
* Security engineering.
* Responsible for security related policies/standards.
* Design and build of security related controls.
* Security tooling selection and implementation.
* External stakeholder management.

To succeed in this role you must be able to:

* Hand's on automation development for key security components and services.
* Take ownership and lead security initiatives with local teams, driving the future state and allowing the Manchester teams to be self-sufficient in all security aspects from the core London team.
* Build out a security presence within Manchester to fully support the product teams locally.
* Assess new and evolving cloud services (e.g. PaaS, SaaS, IaaS) for security maturity, developing security blueprints.
* Be comfortable working in an agile environment across multiple locations, ensuring appropriate collaboration across sites.
* Become the Product Owner for cloud security across the business, as part of the cloud programme.
* Work with the existing development teams to agree standards for secure development practises for technical content, as well as to deliver a secure software development lifecycle, a key component of which will be establishing a secure and auditable route to production using continuous delivery techniques.
* Collaborate on application designs and the introduction of new technology components (particularly for cloud based solutions) from the earliest stage to ensure that security concerns are addressed within the architecture from the outset.
* Provide advice on best practises for secure development, taking account of the applications usage, sensitivity and data requirements.
* Evaluate new technologies and processes that enhance application security capabilities.
* Provide hand's on automation development for key security components and services.
* Produce and maintain technical documentation.


* Experience of agile methodologies and DevSecOps processes.
* Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorisation, applied cryptography , security vulnerabilities and remediation .
* Working knowledge of designing, securing and integrating applications/systems within public cloud environments - preferably Azure.
* Working experience with Cloud Secrets Management (Cloud Vaults / Key Management & Rotation / MFA / Passwords / HSM's).
* Familiar with Defence in Depth techniques.
* Familiar with containerization including building secure container images, architectural design, monitoring and security tooling (i.e. TwistLock).
* Extensive experience with Public Cloud (preferably Azure) security concepts (Virtual Networks/VPC, Log and Incident procedures).
* Experience architecting solutions making use of PaaS, IaaS and SaaS services.
* Working experience with Automation / Infrastructure as Code concepts and development including how security influences how infrastructure / application stacks can be provisioned. Including using associated tooling (i.e. Terraform, Chef, PowerShell, CLI).
* Ability to work independently.
* Interest in all aspects of security research and development.


* Experience using system monitoring tools (i.e. SIEM, Log Management) and automated testing frameworks.
* Familiar with regulated environments and how to ensure compliance to these during SDLC.
* Working knowledge of web related technologies (Web applications, Web Services and REST-based Service Architectures) and of network/web related protocols.
* Experience of relational databases (i.e. MSSQL, MySQL).
* Familiarity with various operating systems (i.e. Windows, Linux).
* Interest in all aspects of security research and development.
* Familiar with Code Scanning tools and intergration into CI/CD pipeline (i.g. SonarQube FxCop, and VeraCode).
* Cloud security based externally recognised certifications.

If you are looking to work with a fantastic organisation, somewhere that is proud to hire, develop and retain talented people, apply now to avoid disappointment.

InterQuest Group is acting as an employment agency for this vacancy. InterQuest Group is an equal opportunities employer and we welcome applications from all suitably qualified persons regardless of age, disability, gender, religion/belief, race, marriage, civil partnership, pregnancy, maternity, sex or sexual orientation. Please make us aware if you require any reasonable adjustments throughout the recruitment process.