Security Architect

Sanderson are working with a Cyber Security service provider as they look to build out their Cyber function. This role will encompass building out a secure cyber architecture piece working within public sector.

As a Security Architect, you'll play a critical role in shaping secure, resilient digital services from concept through to retirement. You'll provide expert security design guidance across projects, ensuring solutions meet security standards while enabling innovation and cloud-first delivery.

In this role, you will:

• Provide secure design advice from Discovery phase through delivery, operation, and disposal.
• Ensure solution and product designs align with security standards, blueprints, and architectural patterns.
• Champion Secure by Design and architectural best practices to reduce information risk.
• Validate the design, implementation, and effectiveness of security controls.
• Deliver security architecture supporting large, data-driven services across private and public cloud environments.
• Design and scope IT Health Checks (ITHCs) to identify key security risks.
• Review ITHC outcomes, providing clear guidance and actionable remediation plans.
• Identify and assess security risks in proposed architectures, recommending mitigations and alternative solutions.
• Perform threat modelling, risk assessment, and security analysis for systems, applications, and infrastructure.
• Design proportionate security controls aligned to risk appetite, leveraging native cloud capabilities.
• Produce high-quality security architecture artefacts, including standards, patterns, and blueprints.

You're an experienced security professional with a strong architectural mindset and a passion for building secure, scalable systems.

• Proven experience in cybersecurity, security architecture, risk management, or related disciplines.
• Experience level: 5+ years in a Security Architect or senior technical security role.
• Strong working knowledge of:
  • Security-related legislation and regulatory requirements
  • Security control frameworks
  • HMG and NCSC policies, standards, and guidance
  • Cloud security, including AWS services
  • Event-driven, microservices-based architectures using native cloud technologies
• Certifications: One or more of SABSA, TOGAF, AWS/Azure Solutions Architect, CISSP, CISM, or similar.
  • Achieved or working towards Full Membership of CIISEC and UK Cyber Security Council registration
• Technical expertise across cloud security posture management, cloud-native security tools and endpoint security.
• Strong foundations in PKI, cryptography, privileged access management, and role-based access control.
• A problem-solving mindset with the ability to design pragmatic, innovative security solutions.

This role will require you to be willing and eligible to undergo a high level of UK security clearance

If you're interested in the above, apply or reach out to steven.mitchell@sandersonplc.com

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.