Security Architect

Description
We’re seeking a hands-on Security Architect to lead the design and assurance of security across our Financial Advice & Wealth Management SaaS platform. This is a pivotal role where you’ll own the security architecture across cloud infrastructure and networking, drive secure-by-design application architectures, and ensure robust security for integrations with external partners and systems.
As part of the Technical Architecture team, you’ll collaborate with business stakeholders, product teams, engineers, and the wider InfoSec function to embed security as a first-class concern throughout our technology landscape. Your work will help us meet the expectations of our customers, clients, and regulators
What you'll do

• Design and maintain secure cloud environments, including network segmentation, WAFs, DDoS protection, secret and certificate management, and encryption.
  
• Embed secure SDLC practices such as SAST/DAST, dependency scanning, secure coding standards, threat modelling, and API security.
  
• Architect identity-centric controls across cloud infrastructure and within the platform’s IAM solution.
  
• Contribute to the design of fine-grained authorization patterns for applications and services.
  
• Define secure patterns for APIs and partner integrations.
  
• Support governance activities including audit, risk acceptance, and internal forums.
  
• Review implementation progress to ensure alignment with security design.
  
• Provide technical guidance and coaching to architects and engineers.
  
• Promote a culture of security awareness in product and engineering practices.
  
• Align security standards and frameworks with business and technology strategy.
  
• Monitor and communicate emerging security trends.
  
• Identify and address security design gaps in application and infrastructure architectures.
  
• Assist with vulnerability management, testing, risk analysis, and reporting.
  
• Clearly communicate security concepts and strategies to stakeholders.
  The knowledge, experience and qualifications you need
  
• Strong expertise in cloud security, preferably within Azure.
  
• Experience applying secure design principles in customer-facing SaaS platforms.
  
• Deep understanding of application security and secure SDLC across modern stacks (JavaScript/React, C#/.NET, Azure services, containers).
  
• Knowledge of OWASP Top 10 and mitigation strategies.
  
• Experience with modern authentication and authorization protocols (OpenID Connect, OAuth2.0).
  
• Hands-on experience with SAST/DAST tools and integration into SDLC.
  
• Proficiency in coding or scripting languages (C#, Go, Python).
  Experience in:
  
• Azure services, security, and networking
  
• Networking protocols.
  
• Application Reverse Proxies
  
• System Firewalls and security testing tools
  
• .NET cryptographic suites
  
• PKIs and Certification Authorities
  Qualifications & Skills:
  

• Excellent understanding of secure software development standards and lifecycles.
  
• Strong interpersonal and communication skills, both written and verbal.
  
• Ability to present complex security concepts in a clear and user-friendly manner.
  
• Flexible and willing to work outside core business hours when required.
  The base
  You'll be based at our Broadlands Business Campus near Horsham in West Sussex. It has high standards and international reputation, without being in the city: a big, countryside campus means life will feel a little different. We support our offices by using cutting edge software and hardware and our spacious campus facilities mean there's a great working environment for the team. With an on-site restaurant, coffee shop and gym, our campus has much to offer. And commuters can relax on our dedicated regular shuttle bus to and from Horsham’s main line train station