Senior Security Architect - J40043

Job Title: Senior Security Architect

Location: Manchester

Rate: £69.00ph via an Umbrella Company (Inside IR35) or £51.13ph PAYE

Employment Type: Contract (Currently financed until March 2026)

Hours: Standard 40 Hours Per Week

Reference: J40043

Job Description:

We are looking for someone who will help us realise our business vision for a resilient IoT platform that will provide our Customers, Suppliers and Partners with seamless connected services delivered through an industry-leading global platform that will generate new income streams for our business and help drive down costs through the use of data analytics.

 Our Security Architects work closely with Stakeholders to define and evolve system security architectures that are secure by design. You will be a valued member of our Offboard Cyber Security Chapter reporting to Offboard Security Architecture Chapter Lead, contributing to the strategic direction of the technology and solutions delivered.

As a Senior Security Architect, you will work in conjunction with Solution Architects, Product Owners, Technical Leads and Embedded Security Champions to identify the security risks associated with our products using application security threat modelling. You will collaborate with Stakeholders to identify secure architectures, best practices and requirements that enable us to deploy secure systems at scale. You will support our engineering teams through their security assurance journeys working to identify security assurance testing regimes that are aligned with our products. 

Personal Profile:

• An individual with a customer first mindset who is easy to do business with and makes people feel special, driven to deliver experiences that are personalised, transparent and dependable.
  
  
• An individual, who works independently, is results driven, demonstrating tenacity, drive and perseverance with the ability to deliver operational plans in a complex, highly demanding environment. 
  
  
• A passion for continuous technical improvement.
  
  
• An individual with the capability to combine a short-term, pragmatic focus with medium-term planning.
  
  
• A resilient and enthusiastic individual who responds constructively to new ideas and inputs.
  
  
• A good communicator with the ability to clearly communicate complex ideas.
  
  
• An effective team player, actively develops and supports team members.
  
  
• The ability to challenge existing thinking in a positive way whilst building credibility and trust through experience and personal style.

WHAT TO EXPECT:
This role sits within the Offboard Cyber Security Chapter in Manchester, reporting to the Security Engineering Chapter Lead, and would suit those who are technically minded and a candidate from a cyber security background or those with a software engineering background. This is a senior role in our team but there is still plenty of scope to develop your skills. The role would suite someone with a strong technical background in software development wanting to focus on delivering secure systems at scale. 

 You will have a drive to grow security culture providing tooling, guidance, and support to a large number of agile development squads working on many projects. We have a strong DevSecOps culture with security being a key principle of everything we deliver. Our Security Architects work extremely closely with our product development teams to develop this culture and the processes to support it. We are SME’s and consultants to the rest of our organisation, and act as an escalation point helping teams learn, grow, and overcome any security related challenges.

 We work with new and exciting technologies to provide global services for the connected car of the future.  We work collaboratively and value each other’s opinions and as part of the team here you will have the opportunity to impact and influence a technology platform used by hundreds of thousands of our customers daily, solving difficult engineering challenges on a global scale.

We are reimagining how we deliver secure global solutions in a highly agile environment. We have a strong focus on DevSecOps and empowering engineering teams to deliver and deploy large, secure systems at pace. 

Some of our Security Architect’s responsibilities include:

• Providing consultation to product teams in security architecture and design and conduct security reviews of new and existing products and services.
  
  
• Developing and owning architectural solutions that deliver this highest standard of security.
  
  
• Collaborating closely with Solution Architecture Team to ensure our systems are secure by design.
  
  
• Working with Engineering Teams to create threat models.
  
  
• Continual collaboration with Stakeholders with a view to being a key part of the Product Delivery Teams success.
  
  
• Maintaining strong knowledge of current security threats, mitigations, and operational security best practices. 
  
  
• Developing and maintaining Security Patterns and Reference Architectures. 
  
  
• Supporting the analysis of business requirements and their interpretation into security deliverables.  

WHAT YOU WILL NEED:

• You will be working closely with our engineering teams to help them uncover threats in their solutions, so a strong technical background is required.
• Knowledge of cyber security best practices and a good understanding of security threats and controls is also a must.
• This role is highly collaborative so would suite someone with a desire to work collaboratively across the wider engineering team.
  
  
• We are looking for a self-starter, keen to work in a highly collaborative manner supporting our engineers and product teams as we deliver a connected data platform for the luxury vehicles of the future.

Background:

• A background in Software Engineering or Cyber Security, with knowledge of DevSecOps. 
  
  
• Familiarity of application security and threat modelling.
  
  
• Experience implementing SDLC process, technology, and automation in a DevOps environment; ideally making use of OWASP best practice.
  
  
• Experience within agile delivery frameworks. 
  
  
• Experience with large-scale web applications and backend services, including API design, access management, authorization, authentication, data protection and encryption.
  
  
• Familiarity with of common application and infrastructure security vulnerabilities and mitigations. 
  
  
• Solid technical foundation with a business-savvy mindset and an ability to translate technical vulnerabilities into business risks for senior leadership.
  
  

 Additional Information:

Hybrid Working: Yes