Experienced Security Architect | Professional Pension Management Firm

Job Description

[Up to c. £230k Comp Package | Hybrid Working - 3 Days in Office]

We're partnering with a market-defining pensions investment firm undertaking a large-scale transformation of its technology and security landscape. Backed by strong executive sponsorship, they’re redesigning core architecture, building cloud- systems, and investing in a high-trust, hands-on security function to future-proof operations. This is a unique opportunity to shape the security architecture of a business responsible for safeguarding over £65 billion in assets - where your input won’t sit on the shelf, but will be built, deployed, and relied upon...

Key Responsibilities

• Lead the design and development of secure architecture patterns across cloud- infrastructure (AWS/Azure), serverless systems, and distributed environments
• Collaborate closely with engineering and product teams to evaluate architecture proposals, reduce risk, and embed intuitive security controls across the SDLC
• Perform security-focused architecture reviews of key platforms and workflows, guiding engineering teams through the development phase with secure-by-design advice
• Translate complex threats into architectural controls and reusable policy-as-code modules that prevent risk before it materialises
• Support cloud security strategy through templates, IaC modules, and proactive risk reduction initiatives
• Advocate for secure development practices - from CI/CD pipelines to containerised workloads - ensuring that friction is addressed with empathy and practical value
• Apply threat modelling frameworks to uncover vulnerabilities and recommend architecture-level mitigation strategies
• Work directly with developers and infrastructure teams to align real-world engineering goals with enterprise security objectives

What You Bring...

• 6+ years’ experience in Security Engineering, Software Engineering, or Security Architecture roles
• Proven track record of designing secure systems within cloud- environments (AWS or Azure)
• Comfortable developing IaC (Terraform or similar), automating security controls, and contributing to secure infrastructure practices
• Strong understanding of modern security principles, threat actor behaviour, and risk frameworks (NIST )
• Skilled in collaborating with developers to find practical, low-friction ways to implement secure patterns
• Confident communicator across technical and non-technical teams, with the ability to influence architecture-level decisions
• Deep familiarity with secure development tooling, infrastructure design, and threat modelling practices
• Background in highly regulated environments such as financial services, insurance, or pensions
• () Degree in a related field and/or certifications such as CISSP, CISM, or equivalent
• () Experience contributing to architectural governance, documentation, and change control in scaled organisations

...