Overview
The Security Architect will be responsible for designing and ensuring the security of new core platforms and systems in a major transformation programme for an insurance technology organization. This role involves collaborating closely with senior security leadership and various technical teams to implement secure-by-design principles while enhancing the organization's global security posture. The position is offered as a hybrid role, allowing for a mix of remote work and on-site collaboration in London.
Responsibilities
- Lead the design and review of secure architecture across major change programmes.
- Define and implement SDLC security standards and best practices.
- Develop and enforce API security standards and secure integration models.
- Conduct threat modelling and risk assessments for new technology initiatives.
- Support DevSecOps practices and secure CI/CD pipelines.
- Collaborate with engineering, architecture, and compliance teams to embed security from inception.
- Provide guidance on privacy-by-design and operational resilience.
Requirements
- Proven experience (5+ years) as a Security Architect in regulated environments.
- Strong understanding of secure software development, cloud security, and API security.
- Experience with DevSecOps and modern CI/CD practices.
- Knowledge of frameworks such as GDPR, NYDFS, and other global data protection regulations.
- Excellent communication and stakeholder management skills.
- Relevant certifications (e.g. CISSP, SABSA, TOGAF, AWS/Azure Security) are highly desirable.