Principal Cyber Security Architect – 11372SR

11372SR
£90k – 100k per year

Our client, a leading organisation within the financial services sector, is seeking a Principal Cyber Security Architect to join their growing security function. This is a hybrid role that blends hands‑on technical expertise with strategic leadership, offering the opportunity to shape security architecture, policies, and governance across the enterprise.

As the Principal Cyber Security Architect, you will define and lead the organisation’s security architecture, with a focus on Azure-first environments, regulated financial services, and executive and client advisory work. You will act as a deputy to the Head of Security, influencing enterprise-wide decisions and embedding security-by-design principles across cloud platforms, applications, and data.

Security Architecture & Cloud Governance

• Design target‑state architectures for cloud and hybrid environments.
• Translate architectures into implementable standards, patterns, and policies.
• Embed security principles across IT, engineering, and development teams.
• Align work with recognised frameworks such as TOGAF and Well‑Architected Framework.

Policy, Standards & Documentation

• Maintain and refresh security policies and cloud standards.
• Ensure policies meet regulatory, AI, and emerging technology requirements.
• Support embedding policies into daily operations across IT and development.

Assurance & Stakeholder Engagement

• Act as a trusted advisor to executives and clients.
• Prepare for and participate in client assurance conversations.
• Present recommendations to Boards and senior leadership.

Mentorship & Governance

• Mentor junior security team members.
• Provide guidance during high‑pressure incidents.
• Participate in governance forums to ensure secure design decisions and elevate risks appropriately.

• Principal/Lead-level Security Architect with enterprise architecture experience.
• Hands‑on experience securing Azure environments (identity, network, platform, data security).
• Strong background in application security, secure SDLC, threat modelling, and real‑world OWASP Top 10 mitigation.
• Confident presenting to CIOs, senior leadership, and clients, translating technical topics into business risk language.
• Experience in regulated financial services, pensions, insurance, or similar sectors; knowledge of ISO 27001, NIST CSF, or equivalent frameworks.
• Certifications such as CISSP, CISM, CCSP preferred; TOGAF a plus.

• Hybrid working model with flexible office days in Reading.
• Competitive salary reflective of experience and seniority.
• Generous pension scheme.
• Private healthcare and wellbeing support.
• Continuous professional development and support for certifications.
• Annual bonus scheme linked to performance.
• 25+ days annual leave, plus bank holidays.

Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation.