Remote Access Architect

Job Title: Remote Access Architect
Location: London (Hybrid)
Contract: 3 months

The Remote Access Architect will provide strategic oversight and governance for the design, standards, and technical components of a unified Remote Access solution across M&S. This role ensures that remote access capabilities align with the company's strategic vision, security and compliance requirements, while delivering a seamless and secure colleague experience.

The Architect will act as an independent voice, representing the M&S perspective across multiple teams and technologies, ensuring cohesion and consistency in the end‑to‑end service.

• Define and govern patterns, standards, and architecture principles for the Remote Access solution.
• Provide strategic oversight across all technical components, ensuring integration and alignment:
  • Zscaler Private Access (ZPA - Networks team)
  • Zscaler Browser Portal Access (Networks team)
  • Azure Virtual Desktop (AVD hosting - Cloud Hosting team; AVD endpoint - Device & Endpoint Management team)
  • AD/Entra ID (Identity & Access Management team)
  • CyberArk (Privileged Access Management - Identity & Access Management team)
• Collaborate closely with security and other technical leads to ensure compliance with M&S security standards.
• Ensure the solution delivers a positive colleague experience across diverse business requirements and global coverage.
• Ensure the solution incorporates the need for Warehouse, Stores, and non-production environments (CATE).
• Act as a trusted advisor to the Identity & Access Management team, who will own the end‑to‑end service.
• Provide independent assessment and recommendations to ensure the solution remains future‑proof, scalable, and secure.
• Establish a holistic view of a target solution and provide technical assurance this meets the current and future needs of M&S.
• Identify and align key dependencies with the Network and other teams. Design Authority Submissions – Remote Access
  As part of the governance framework, the Remote Access Architect will contribute to and oversee Design.
• Authority submissions. These submissions ensure that all remote access components are aligned with M&S standards, security requirements, and strategic direction.
  • Zscaler Private Access (ZPA) - secure, policy‑driven access to internal applications; focus on scalability and compliance.
  • Zscaler Browser Portal Access - browser‑based access for external partners; focus on usability and onboarding.
  • Azure Virtual Desktop (AVD) - hosting and endpoint management; focus on performance in warehouse/store environments.
  • AD/Entra ID - identity federation and conditional access; focus on seamless integration and compliance.
  • CyberArk (PAM) - privileged account management; focus on segregation of duties and auditability.

• Submissions reviewed and approved by the Design Authority to ensure consistency across all components.
• Architect provides independent M&S oversight, ensuring submissions balance security, compliance, and colleague experience.
• Focus areas include Warehouse, Stores, and non‑production environments, where remote access requirements are most critical.

• Proven experience as an Architect in Remote Access, Identity & Access Management, or related domains.
• Strong knowledge of enterprise remote access technologies, including Zscaler, Azure Virtual Desktop, AD/Entra ID, and CyberArk.
• Expertise in security governance, compliance frameworks, and architectural standards.
• Ability to balance technical rigor with user experience, ensuring solutions are secure yet intuitive.
• Excellent stakeholder management skills, with experience working across multi‑disciplinary teams.
• Strong communication and influencing skills, able to represent an independent strategic view.