LAP Security Architect

Sanderson Recruitment Plc
Charing Cross, United Kingdom
5 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Intermediate
Compensation
£ 195K

Job location

Charing Cross, United Kingdom

Tech stack

Microsoft Active Directory
Amazon Web Services (AWS)
Audit Trail
Azure
Cloud Computing
Information Leak Prevention
Linux
Federal Information Processing Standards (FIPS)
Identity and Access Management
Network Segmentation
Sherwood Applied Business Security Architecture
Systems Integration
Software Vulnerability Management
Wintel
Technical Debt
SELinux
DevSecOps
Static Application Security Testing
Dynamic Application Security Testing

Job description

  • Legacy System Modernisation: Proven experience in upgrading legacy applications while maintaining operational continuity, including migration strategies for Wintel-to-cloud or Linux-to-cloud transitions.
  • Secure Architecture Design: Ability to create architecture patterns for hybrid environments (on-premises, cloud) and enforce secure-by-design principles (e.g., NIST, ISO 27001).
  • ITHC Leadership: CREST/CHECK-accredited experience conducting or supporting pre- and post-deployment security assessments, vulnerability management, and remediation planning.

Technical Experience

  • Wintel/Linux: Securing legacy applications via patching, hardening, and privilege management (e.g., Active Directory, SELinux).
  • Cloud (AWS/Azure/GCP): Designing IAM policies, encryption (FIPS 140-validated modules), and network segmentation for hybrid environments.
  • DevSecOps: Integrating SAST/DAST tools into CI/CD pipelines and automating compliance checks.

Security Documentation

  • Threat Modeling: Using frameworks to identify risks in legacy-to-modern transitions.
  • Security Control Sets: Defining controls for data encryption, access management, and audit logging aligned with NCSC guidelines.
  • ITHC Reports: Delivering CHECK-compliant reports with actionable remediation plans.
  • Align audit outcomes with organisational risk appetite, ensuring legacy system upgrades mitigate critical threats (e.g., unauthorised access, data leakage).
  • Audit risk registers and treatment plans to confirm they address legacy technical debt and transformation uncertainties.

Government Compliance

  • Standards: Familiarity with HMG Security Policy Framework, NCSC Cloud Principles, and Secure by Design activities.
  • Certifications (some of the following): CISSP, CCSP, SABSA Chartered Security Architect (SCF/SCP), CSSLP, CASP+, GIAC GDSA.

Programme Delivery Skills

  • Stakeholder Collaboration: Leading cross-functional teams (developers, ops, risk owners) to align security with business objectives.
  • Risk Appetite Management: Balancing security requirements with project timelines and budgetary constraints.
  • Threat assessments and risk registers.
  • Security Controls Statement of Applicability.
  • Pre- and post-ITHC compliance reports.

Requirements

UK Government Experience: Preferably 3 years' previous experience supporting UK Government departments as a Security Architect.
