Security Architect 6 months Inside IR35 This role is for an Infrastructure Security Architect, with primary skills, experience and expertise in the architecting and deployment of infrastructure services, both Public Cloud and traditional on-premises Datacentre with a strong background in security. You will will provide technical leadership, design, implementation, integration, and oversight of the infrastructure security solutions The architect's primary responsibility will be to contribute to designing the security elements of IT solution architectures and leading the architectural design of security-specific capabilities, to ensure alignment to the Enterprise Principles, Roadmaps and Vision. The candidate will utilize an extensive IT background, advanced security knowledge, an appreciation for compliance and risk management principles to develop and promote effective and sustainable solutions; educate stakeholders and champion embedding cloud security across all architecture and design. Ideally the candidate will have knowledge and experience being proven across five or more years. The role will require a broad set of general technical understanding on both architecture disciplines and technologies. The capability to work alongside and with several key stakeholders, including both business and IT operational teams is vital. Must have skills: Strong background in security architecture, security design and defining security frameworks for the enterprise Strong understanding of Network security (NGFW, WAF, NLB, Proxy), system or application security (microservices, NLB, SSL) and data security (Encryption) Hands-on experience in Cloud (AWS/GCP/Microsoft Azure) security architecture, security engineering, or equivalent experience with vendor specific cloud certification. Azure a strong advantage Network, Endpoint and Application logging concepts, best practice and monitoring systems including SIEM Authentication, Authorisation and Accounting concepts, best practice and IAM management systems. OTP and MFA systems Identity strategy, Active Directory Security including federated implementation, for example ADFS, SAML Champion and oversee InfoSec design and implementation spanning cyber controls and architectural best practices Collaborate with the Security Architecture and Assurance teams to ensure Cloud architecture adheres to organisational controls and advances security posture Experience in securing DevOps or Software Supply chain practices and tooling, application security threat modelling & data security Experience in Cloud formation & Terraform With a focus on the below: Operational Technologies Experience with Azure infrastructure such as Account structures e.g. (subscription, tenant), Azure Active Directory, Azure Active Directory Domain Services, Service Principles, RBAC, IAM Strong Windows server background on both physical and virtual (VMware) infrastructure Strong experience in server migration elements to both on-premises and off-premises VMware and Hyper-V experience and design Ability to take a flexible approach to design with limited defined as-is architecture and NFR's Ability to ensure architecture designs follow internal standards Ability to understand complex requirements for application migration to the cloud utilising cloud native technologies Migration of applications and services into cloud environment (Azure or vender SaaS platforms) Desirable Security certifications such as CISSP, CISM etc. are desirable Experience of working in large organisations in regulated sectors (example utilities, finance) Certification in recognised architecture frameworks (example TOGAF) and the ability to apply these in a pragmatic way would be an advantage ersg are an equal opportunities employer; we are committed to promoting equality of opportunity for all job applicants. We do not discriminate against applicants on the basis of age, sex, race, disability, pregnancy, marital status, sexual orientation, gender reassignment or religious background; all decisions are based on merit.