Lead Security Architect

Role : Lead Security Architect
Work Location : London
Work Mode : Hybrid

Job Description:

We are seeking a highly skilled and experienced Lead Security Architect to join our team for the Protocol Analysis & Remediation project. The successful candidate will be responsible for designing and implementing security architectures related to lateral movement between workloads and endpoints and understanding and controlling the protocols they utilize by way of secure protocol configuration and other compensating controls.
The project starts with discovery, in which the team will leverage log data available in Azure Log Analytics and through auditing existing configurations to understand the current landscape with regards to lateral movement and areas where risks can be reduced. The output of this phase is to provide recommendations and design objectives to reduce risk and improve the security posture of the Trust as it relates to lateral movement, with an emphasis on working towards a zero-trust framework. These findings and recommendations will be presented to the Cyber Security Architecture and Engineering team and Security Authority for sign-off as required.
Once sign-off has been achieved, you will work with a team of Linux and Windows SMEs to provide leadership in implementing the architecture(s) and configuration(s) that the discovery phase recommended.

Key Responsibilities:

• Develop and implement security architecture strategies to mitigate risks associated with lateral movement protocols.
• Design and enforce network segmentation and access control policies to limit unauthorized lateral movement.
• Collaborate with IT and security teams to ensure the integration of security best practices into network and system designs.
• Conduct security assessments and audits to identify vulnerabilities and recommend remediation actions.
• Provide technical leadership and guidance to the security team and other stakeholders.
• Stay updated with the latest security trends, threats, and technologies to ensure the organization's security posture remains robust.
• To identify insecure configurations on Windows and Linux operating systems, the impact of those identified, and provide guidance on corrective actions.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• At least 8 years of experience in information security, with a focus on network security and architecture.
• Strong knowledge of malicious lateral movement techniques and mitigation strategies.
• Experience with security frameworks and standards (e.g., NIST, ISO 27001).
• Excellent communication and leadership skills.
• Relevant certifications such as CISSP, CISM, or TOGAF are highly desirable.
• Previous job roles that may indicate success include Information Security Architect, Senior Security Consultant, and Systems Architect.

• Windows Architecture and Administration.
• Windows and Linux hardening best practices.
• Understanding of protocol analysis techniques.
• Experience with Azure Log Analytics, KQL, and Azure Alerts.
• Python, Shell, and PowerShell scripting.
• Firewall/IPS/IDS engineering.
• Experience with security tools and technologies (e.g., SIEM, IDS/IPS, NG Firewall capabilities, vulnerability scanners).
• Knowledge of Active Directory and Azure AD.
• Knowledge of application delivery and the infrastructures that enable it.
• Familiarity with SQL Server, Oracle, clustering/High Availability technologies, and secure administrative practices .