Senior Security Assurance Architect - £650 P/D at Anson Mccade, Multiple Locations, £Contract Rate

Contract Description

OUTSIDE IR35 - Some travel to Jersey (£50 extra/day)

An experienced security assurance and architecture professional with the technical depth to constructively challenge designs, provide independent assurance, and support secure-by-design delivery across multiple concurrent projects and teams.

1. Key Deliverables & Expected Outcomes
  • End-to-End Lifecycle Assurance: Provide security assurance leadership from project initiation through design, delivery, stage-gate reviews, and go-live readiness.

  • Design & Control Reviews: Review, challenge, and validate technical designs (HLDs/LLDs) to ensure effective security controls across identity, network, cloud, and data domains.

  • Compliance & Governance: Deliver structured assurance against organizational policies, frameworks, and a target Zero Trust posture.

  • Documentation & Artefacts: Produce formal assurance reports, design review outputs, stage-gate recommendations, exception papers, threat models, and risk assessments.

  • Risk & PMO Integration: Support RAID logs and governance reporting by identifying risks, gaps, and dependencies early to prevent late-stage project delays.

  • Architecture & Engineering Input: Provide hands-on input for high-risk design areas, secure cloud landing zones, network segmentation overlays, and secure data flows.

  • Supplier Assurance: Conduct third-party risk assessments and review supplier deliverables against security and contractual expectations.

2. Key Milestones & Targets (Initial Phase)
  • Onboarding & Discovery: Mobilize into the portfolio and review existing assurance processes, governance arrangements, and current security standards.

  • Ways of Working: Establish or refine engagement models, assurance checkpoints, evidence requirements, and escalation routes with PMO, Architecture, and Cyber teams.

  • Portfolio Baseline: Identify priority projects and review existing project artefacts (HLDs, LLDs, supplier outputs) to produce initial assurance gap analyses.

  • Ongoing Governance Execution: Embed into regular cadences to deliver formal design reviews, contribute to Design Authorities/Risk Boards, and maintain audit-ready assurance evidence.

3. Person Specification (Skills & Requirements)

Qualifications
  • Essential: Relevant professional experience in security assurance, architecture, or cyber security. Evidence of continuous professional development in risk, governance, or security.

  • Desirable: Professional certifications such as CISSP, CCSP, TOGAF, CISM, SABSA, ISO 27001, or cloud-specific security credentials.

Knowledge
  • Essential: Deep understanding of security assurance principles, secure-by-design delivery, and risk frameworks. Knowledge of architecture governance, stage gates, and exception management.

  • Desirable: Familiarity with Cyber Security Operations (SecOps). Technical knowledge of Zero Trust, secure cloud landing zones, IAM, network segmentation, and data classification.

Technical / Work-based Skills
  • Essential: Ability to lead full-lifecycle assurance and evaluate controls across identity, network, cloud, and data domains. Skill in producing technical assurance reports, risk-based recommendations, and control mapping.

  • Desirable: Ability to develop reusable security patterns, reference architectures, and technical guardrails. Hands-on experience with public cloud, threat modeling, and supplier technical solutions.

General Skills / Attributes
  • Essential: Strong analytical and stakeholder engagement skills; ability to challenge constructively. Ability to translate complex security risks for both technical and non-technical audiences. Autonomous, risk-based decision-making.

  • Desirable: Experience acting as a trusted advisor to senior leaders and suppliers. Proven ability to embed assurance smoothly into active delivery cadences.

Experience
  • Essential: Proven track record in enterprise, regulated, or public sector environments where governance and auditability are critical. Substantial experience reviewing HLDs/LLDs across multiple concurrent projects.

  • Desirable: Experience in SecOps environments. Experience conducting third-party risk assessments. Active participation in Design Authorities or Risk Review Boards.