Principal Security Architect

  • IO Associates
  • 13/05/2026
Contractor, Information Technology, Telecommunications

Job Description

Principal Security Architect (SC-Cleared) - Outside IR35 - London (Hybrid)

Daily Rate: Contact Me
Location: London (hybrid - typically ~3 days/week onsite as required)
Contract: Contract (Outside IR35)
Clearance: Active SC-Clearance

Overview:

We're an independent, outputs-based security consultancy delivering into some of the UK public sector's most complex and sensitive, security-critical systems.

You'll support a landmark, cross-government secure IT transformation, architecting private cloud environments from the ground up and modernising secure end-user services that underpin national decision-making.

This is a senior, hands-on Principal Security Architect position with genuine authority: shaping security posture, defining architectural standards, and steering strategy across multiple programmes.

Clearance & eligibility (non-negotiable):

To be considered, you must be able to work in highly secure environments and meet the following:

  • UK National (required due to client security restrictions)
  • Hold active SC (or higher)
  • Willing to undergo Developed Vetting (DV)

What you'll do:

1) Security strategy, architecture & vision

  • Define and own enterprise-level security principles, patterns, and reference architectures across programmes
  • Create practical roadmaps balancing risk, delivery pragmatism, and strategic outcomes
  • Lead secure-by-design approaches for constrained environments (e.g., air-gapped, classified, cross-domain)

2) Technical authority & assurance leadership

  • Act as the senior security authority for complex/high-risk decisions
  • Lead assurance across multiple projects, including:
    • Threat modelling and architectural risk assessment
    • Design/solution security reviews
    • Setting expectations for security artefacts and evidence quality

3) Risk, governance & senior stakeholder engagement

  • Translate technical threats into clear options for senior decision-makers
  • Engage with SROs, accreditors, CISOs, and policy stakeholders
  • Navigate ambiguity across policy/standards/operational constraints with a threat-informed, pragmatic approach

4) Leadership & capability building

  • Mentor and guide senior engineers and security architects
  • Drive architectural consistency across teams/projects
  • Promote a security-first culture and improve overall engineering maturity

5) Thought leadership & innovation

  • Assess emerging technologies responsibly where precedent/guidance is limited
  • Represent the consultancy as a trusted authority on complex security topics

What we're looking for (must-have experience):

  • Deep security architecture expertise across: infrastructure, cloud, identity, networks, systems security
  • Strong knowledge of NCSC guidance/standards, risk management approaches, and architecture frameworks
  • Background delivering in UK public sector or highly regulated environments
  • Proven delivery in classified/constrained/limited-connectivity systems
  • Able to operate across solution + programme + portfolio levels simultaneously

Communication & leadership:

  • Confident engaging and influencing at executive/accreditor level
  • Strong decision-making under delivery pressure (balanced against long-term security outcomes)
  • Clear, authoritative written and verbal communicator

Qualifications:

  • Chartered Security Architect (essential)
  • Desirable: CIISec/CIISP (or equivalent senior-level security qualifications)
  • Evidence of continued professional development aligned to senior technical leadership

If interested, please send me your most recent CV and contact information so that we can speak in more detail!