Security Architect - Network & Infrastructure Design

We are currently looking for a Security Architect/Design Engineer with specific experience in Network & Infrastructure Design. This is to join an existing team with one of our financial services clients. Applicants will need to attend a client office 3 days per week; location can be chosen from Edinburgh, Sheffield, Birmingham, or Manchester.

• Manage end-to-end solution design and deliver design documents in line with functional and non‑functional business requirements, strategies, principles, standards, and patterns.
• Publish new architecture patterns, key decisions, design deviations, and technical risks and issues where appropriate.
• Support and maintain the in‑house developed web application with an Azure hosted Data Lake backend, used for firewall rule recertification for CheckPoint, Illumio, and Fortinet.
• Architect new features to incorporate new requirements to support WAF, Network Segmentation and Proxy capabilities.
• Assist with re‑platforming the service to a new infrastructure.

• Significant experience and proven technical depth within network & infrastructure security:
• • Network Security Controls: Firewalls, WAF, software‑defined network segmentation, IDS/IPS, Proxies and NAC.
• • Segmentation and Micro‑Segmentation: Dividing the network into smaller, isolated segments to limit attack surfaces and ensuring ongoing connectivity across zones.
• • Secure Protocols: Implementing secure communication protocols like TLS/SSL, IPsec, and SSH.
• • Network Traffic Analysis: Interpretation, monitoring and analysing network traffic to detect and respond to anomalies.
• • Network Security Policies: Definition and enforcement of policies for secure network operations and access.
• • Secure Baselining: Enforcement of secure configurations for systems and applications. Redundancy and High Availability: Designing systems to maintain operations and availability during failures.
• • Disaster Recovery Planning: Creating and testing plans for recovering from major incidents or disasters.

Broad background across information technology with the ability to communicate clearly with non‑security technical SMEs at a comfortable level.

Experience and understanding of both the roles and interlock between enterprise & solution architecture.

Experience in both operational and transformation cybersecurity roles or a clear working understanding of both perspectives.

Experience working in large‑scale IT transformation programmes.

• Working experience with CheckPoint, Illumio, and/or Fortinet or similar related firewall technology.
• BizzDesign, Archi, or generic UML visualisation experience for high‑level designs.
• High proficiency and expertise in Jira for project & tasks management.
• Working proficiency in Confluence for documentation.

• Provide assurance, support and oversight of solutions designs and support the engineering teams in delivering and executing strategic technology deployments.
• Ensure solution designs align to published reference architecture.
• Provide technical expertise & consultation to transformative programmes of work within their security domain.
• Influence business and technology executives to help them align their initiatives with standardised offerings whilst also engaging with them to understand their business requirements, threats and risks.
• Clear understanding of both the motivations of the business and technical security.

• Willingness and ability to present reference architecture to design authorities and articulate deep technical concepts to a broad range of stakeholders in both large forums and smaller deep‑dive sessions.
• Ensures all reference architecture, high‑level designs, architecture patterns, decision records, deviation requests, and technical risks or issue records undergo architectural and project governance processes.
• Ensure all architecture artefacts undergo appropriate peer review prior to design authority presentation.
• Present publications at technical design authorities for input, feedback, and approval.

• Effectively manages and escalates both technical and project risks or issues.
• Articulates solutions and remediation steps to technical risks & issues.
• Ability to map design decisions to resultant technical risks & issues to articulate the cause and rationale which leads to any negatively impacting change.

• Lead others and create an environment that supports and inspires people to develop and deliver.
• Built effective networks both internally and externally and created opportunities for others to work collaboratively.
• Make strategic business decisions, considering relevant risks, long‑term implications, commercial realities and stakeholder needs.