Security Architect - Active SC - £600 - £650 Outside at Stealth IT Consulting, United Kingdom, 6 Months, £Contract Rate

Contract Description

Job Title: Security Architect
Rate: £600 - £650 Outside
Duration: 6 months
Location: Remote - Occasional Visits Monthly
Clearance: Active SC
Stages: 1 Stage

Key Responsibilities

  • Design secure architecture solutions for cloud, on-premise, and hybrid environments.
  • Develop security architecture principles, patterns, standards, and reference models.
  • Ensure security requirements are integrated into solution designs from inception through delivery.
  • Conduct architecture reviews, security assessments, and threat modelling exercises.
  • Produce High-Level Designs (HLDs), Low-Level Designs (LLDs), and security architecture documentation.
  • Perform security risk assessments and recommend appropriate mitigation strategies.
  • Support accreditation and assurance activities in line with HMRC governance processes.
  • Collaborate with Enterprise Architects, Solution Architects, Infrastructure teams, DevOps engineers, and delivery teams.
  • Ensure compliance with UK Government Security Policy Framework (SPF), NCSC guidance, GDPR, and HMRC security standards.
  • Provide security guidance throughout Agile delivery and DevSecOps pipelines.
  • Review security controls for APIs, applications, cloud platforms, identity services, and data protection.
  • Participate in technical design authorities and architecture governance forums.
  • Support vulnerability management, penetration testing remediation, and security assurance activities.

Essential Skills & Experience

  • Extensive experience as a Security Architect within large enterprise or government environments.
  • Strong knowledge of security architecture frameworks and methodologies.
  • Experience designing secure cloud architectures using AWS, Azure, or Google Cloud Platform.
  • Strong understanding of Zero Trust architecture principles.
  • Expertise in Identity & Access Management (IAM), authentication, and authorisation technologies.
  • Experience implementing security controls aligned with NCSC and government standards.
  • Knowledge of network security, Firewalls, VPNs, WAFs, IDS/IPS, and endpoint security.
  • Experience with encryption, PKI, key management, and data protection technologies.
  • Strong understanding of DevSecOps and secure software development life cycle (SSDLC).
  • Experience conducting threat modelling using methodologies such as STRIDE or ATT&CK.
  • Knowledge of application security, API security, and container security.
  • Excellent stakeholder management and communication skills.
  • Ability to produce high-quality technical and governance documentation.