The Role
We are looking for an exceptionally seasoned Security Architect with over 15 years of progressive experience, including extensive leadership in designing and implementing robust security architectures, particularly within large-scale cloud environments and the highly regulated financial domain. This role demands a deep understanding of complex security challenges, a proven track record of strategic influence, and the ability to translate business requirements into secure, scalable, and compliant technical solutions.
Your responsibilities:
· Strategic Security Leadership:
Define, evangelize, and evolve the overall cloud security architecture strategy and roadmap, aligning with business objectives, relevant European regulatory requirements (e.g., GDPR, DORA, PSD2, NIS2 Directive), and industry best practices.
Act as a trusted security advisor to senior leadership, engineering teams, and business units on all aspects of cloud security.
Lead the development and implementation of security architectural standards, patterns, and guidelines for cloud-native and hybrid-cloud deployments.
· Solution Design & Assurance:
Provide expert security architecture guidance for critical enterprise applications, infrastructure, and data platforms, with a strong focus on secure-by-design principles.
Conduct comprehensive security architecture reviews of high-level and low-level designs, identifying risks, proposing effective controls, and ensuring adherence to security policies.
Drive the selection and integration of security technologies and services within cloud ecosystems (AWS, Azure, GCP preferred).
· Risk & Compliance Management:
Lead threat modeling, risk assessments, and security posture management across cloud environments.
Ensure architectural designs meet stringent regulatory compliance requirements relevant to the financial industry in Europe (e.g., data residency, privacy, operational resilience).
Develop and implement security controls that align with frameworks like NIST CSF, ISO 27001, PCI DSS, and CSA CCM.
· DevSecOps & Automation:
Champion the integration of security into the entire SDLC (DevSecOps), promoting automated security testing, continuous compliance, and secure configuration management.
Design secure CI/CD pipelines and infrastructure as code (IaC) templates.
Your Profile
Essential skills/knowledge/experience:
· 15+ years of progressive experience in Information Security, with a significant focus (minimum 7-8 years) on Security Architecture.
· 5+ years of hands-on experience specifically in Cloud Security Architecture for enterprise-scale deployments across at least one major public cloud provider (AWS, Azure, or GCP). Multi-cloud experience is highly preferred.
· Deep expertise in financial services domain security, including understanding of common threats, European regulatory requirements (e.g., PSD2, DORA, EBA guidelines), and data privacy mandates (GDPR).
· Extensive knowledge of security architecture principles for:
· Identity & Access Management (IAM) in cloud (e.g., AWS IAM, Azure AD, GCP IAM).
· Network Security (VPCs, firewalls, WAFs, micro-segmentation, private connectivity).
· Data Security (encryption at rest/in transit, KMS, data classification, DLP).
· Application Security (secure coding, API security, SAST/DAST, WAF integration).
· Container Security (Kubernetes, Docker, service mesh).
· Security Information and Event Management (SIEM) and logging strategies.
· Zero Trust Architecture principles.
· Proven experience with DevSecOps methodologies and securing CI/CD pipelines.
· Strong understanding of security frameworks such as NIST CSF, ISO 27001, CSA CCM, and experience in translating these into practical architectural designs.
· Hands-on experience with security tools and technologies for vulnerability management, secrets management, cloud security posture management (CSPM), and cloud workload protection platforms (CWPP).
· Relevant industry certifications are highly desirable (e.g., TOGAF, CISSP, CCSP, AWS Certified Security - Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer).
Desirable skills/knowledge/experience:
· Exceptional Communication: Ability to articulate complex security concepts clearly and concisely to technical teams, senior management, and non-technical stakeholders (both written and verbal).
· Strategic Thinking & Vision: Capability to foresee future security challenges and proactively develop long-term architectural solutions.
· Problem-Solving & Analytical Prowess: Strong ability to diagnose complex security issues, identify root causes, and devise innovative, practical solutions.
· Influence & Persuasion: Proven ability to gain buy-in and drive adoption of security best practices across diverse teams.
· Collaboration & Teamwork: A strong team player who can work effectively with cross-functional teams (development, operations, compliance, audit).
· Leadership & Mentorship: Demonstrated ability to lead security initiatives, guide junior team members, and foster a culture of continuous learning.
· Adaptability & Resilience: Ability to thrive in a fast-paced, evolving environment and navigate ambiguity with a positive and proactive approach.
· Attention to Detail: Meticulous approach to design and review, ensuring no critical security gaps.
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
