Cyber Azure Security Architect CGEMJP

Role Title: Cyber Azure Security Architect

Duration: contract to run until 30/10/2026

Location: Knutsford, Hybrid 3 days per week onsite

Rate: up to £707.15 p/d Umbrella inside IR35

Role purpose/summary

The Azure Security Architect is responsible for designing, implementing, and governing security controls across cloud platforms, with a focus on Zero Trust, secure build standards, and network segmentation. This role ensures that security controls are Embedded into all solution components and aligned with organisational and regulatory requirements.

Key Responsibilities:

Develop and maintain Azure security architecture aligned to Zero Trust principles, ensuring least privilege, segmentation, and strong identity control.

Define secure configuration standards for Azure resources, including network, compute, storage, identity, and monitoring components.

Overview:

The Cyber Resilience Architect designs resilient enterprise environments with a focus on assurance, recovery, and compliance. This role ensures that solutions can withstand, contain, and recover from modern cyber threats and operational disruptions.

Key Responsibilities:

• Produce overarching cyber resilience architecture patterns across infrastructure, applications, identity, data, and network layers.
• Design resilience controls including isolation zones, immutable backups, privileged environment separation, and containment strategies.
• Lead assurance activities, evaluating technical resilience controls for completeness, maturity, and effectiveness.
• Define and validate compliance to regulatory and organisational resilience standards.
• Collaborate with Security, Infrastructure, and Operations teams to integrate recovery capabilities into solution designs.
• Undertake resilience risk assessments and support the creation of mitigation strategies.
• Provide architectural governance on change, ensuring resilience remains a core requirement across the programme.

Technical Components:

• Knowledge of backup/restore architectures, cyber vaults, privileged admin models, and ransomware containment strategies.
• Experience with cloud-native resilience (availability zones, DR strategy, replicated storage, service failover).
• Familiarity with compliance frameworks such as NIST CSF, NCSC CAF, ISO27035

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!