Job Description

IT Security Architect

A great client of mine in the marketing and analytics area are looking for a

IT Security Design Consultant/Architect

on a 6 month initial contract to develop and implement a robust security architecture to protect an organization's IT infrastructure, data, and assets. This role involves designing, documenting, and ensuring compliance with industry security standards while mitigating risks and improving overall security posture.



You'll be working in a highly visible, business-critical role-

not just advising, but actively designing, documenting, and executing

security strategies that meet strict compliance and risk management standards.

Location:

London (Hybrid - 2 days a week on-site)


###

Technology Stack

The organization operates primarily on the

Microsoft Azure stack

, so experience designing and implementing security solutions within Azure is

essential

. This includes configuring Azure-native security tools, leveraging cloud IAM, and ensuring best practices in Azure infrastructure design.


###

Key Responsibilities:

Security Assessment & Risk Analysis

Update documentation on current security posture. Conduct risk assessments and gap analyses against industry standards (ISO 27001, NIST). Identify vulnerabilities and ensure compliance with client contracts.

Security Architecture Design

Refine high-level and detailed security architectures. Design network segmentation, encryption, access controls, and firewall configurations. Develop secure architecture strategies across

Azure environments

and support divestment planning.

Policies & Procedures

Develop and refine security policies, SOPs, and access control policies (IAM, RBAC, MFA).

Implementation & Technical Controls

Create a roadmap for security deployment. Confirm tool selections, define change management procedures. Establish Azure-native endpoint security and encryption strategies.

Security Monitoring & Incident Response

Review and enhance monitoring frameworks (e.g., Azure Security Center, SIEM). Define incident response protocols, implement logging and auditing procedures.

Compliance & Regulatory Documentation

Ensure adherence to GDPR, HIPAA, PCI-DSS, and other regulations. Prepare audit documentation and compliance mapping.

Penetration Testing & Vulnerability Management

Develop and execute penetration testing plans. Conduct vulnerability assessments and oversee remediation efforts.

Training & Knowledge Transfer

Create security awareness materials. Conduct training sessions and produce documentation for internal teams.

Project Management & Reporting

Maintain a detailed security project plan and track progress. Report on implementation status and risk mitigation using project management methodologies (Agile, PRINCE2, PMP). Maintain project charters, WBS, RAID logs, communication plans, and stakeholder updates.
If you feel you're a strong fit for this role, please apply and attach your CV. We'd love to hear from you.