National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Security Architecture and Engineering Senior Manager

Allen & Overy
Greater London
2 days ago
Create job alert


We are recruiting for a Security Architecture and Engineering Senior Manager to join the A&O Shearman London office.

Apply today via the link below or contact for more information.


About the team

The firm’s ability to keep our clients’ data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the world’s large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of the Board. 

Led by our new CISO, Yolande Young, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman’s strategy to lead where global complexity creates opportunity. 

In addition, you will have the opportunity to share and gain intel from the firm’s cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients’ cyber risk management and incident response programmes. 


What you will do

Security Architecture Strategy & Governance 

Orchestrate the Security Architecture team in the development and maintenance of a comprehensive security architecture strategy across the firm’s platforms, including M365, legal and risk platforms, legal tech systems, data platforms, AI, infrastructure, and knowledge management. 

Ensure that platform-specific security standards, patterns, and design principles which suitably support secure business operations and digital transformation have been defined and are enforced. 


Platform Security Oversight 

Serve as the security lead for platform-specific architecture, ensuring consistent and scalable security practices across domains (e.g., M365, AI, knowledge, data, and legal tech). 

Collaborate with platform owners to embed security early in the lifecycle of new technologies and tools. 

Oversee assessments of the security posture of each platform and provide architectural recommendations to mitigate risks. 


Security Design and Architecture Assurance 

Review and approve security architecture designs for new services, platform upgrades, and major integrations, with a focus on data privacy, identity management, and access controls. 

Ensure alignment with firm-wide security policies, particularly in relation to cloud security, data loss prevention, AI governance, and information governance. 

Champion zero trust and defence-in-depth strategies across all applicable platforms, ensuring alignment with the strategy and architecture of the Digital Trust team. 


Risk Management and Legal Sector Compliance 

Drive the identification and remediation of platform-specific security risks by leading discussions with more senior stakeholders and acting as a point of escalations. 

Ensure compliance with legal, regulatory, and professional obligations, including client confidentiality, data protection (e.g., GDPR), and audit requirements in architecture and engineering work. 

Act as a key liaison with Risk, Legal, and Compliance teams to align platform security with client contracts and industry expectations. 


Team Leadership and Cross-Platform Collaboration 

Mentor, guide, and manage the performance of a team of platform security architects and engineers. 

Foster a culture of knowledge sharing and cross-functional collaboration to ensure platform security requirements are well understood and implemented. 

Coordinate with other engineering and technology colleagues to ensure cohesive and complementary controls. 


Stakeholder Engagement & Communication 

Engage with senior leadership, IT, knowledge, and legal operations stakeholders to advocate for secure technology decisions. 

Present risk and architecture insights clearly to non-technical audiences, influencing platform-level security investments and priorities. 


What you will have 

Extensive experience in a relevant IT or information security role, with, with a strong focus on developing and implementing security architecture strategies across diverse platforms (e.g., M365, cloud, data, AI). 

Extensive experience in an information security-relevant leadership role, with a demonstrated track record of leading and mentoring a team of security architects. 

At least one relevant, industry-recognised professional certification, such as: 

CISSP 

CCSP 

SANS GIAC. 

Extensive experience in designing and implementing secure architectures across cloud, on-premises, and hybrid environments. 

Proven experience working in a global organization. 

Experience supporting audit and compliance activities related to Security Architecture and Engineering. 

In-depth knowledge of security architecture and engineering principles, technologies, and best practices. 

Strong written and verbal communication, interpersonal, and leadership skills with the ability to collaborate with colleagues across the business and with external parties. 


You will stand out if you bring

Bachelor’s degree in Computer Science or a related field. 

Additional certifications such as CISA, CISM, CCIE, CRISC, or other SANS credentials. 

Experience within the legal or professional services sector. 


What we can offer you
 
We recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing GP service, emergency back-up care support, parental and special leave, holiday entitlement increasing with length of service, holiday trading, online discounts and lifestyle management services.
 
 


Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required.

We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic.

We recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing an onsite gym, wellbeing centre and GP service, emergency back-up care support, parental and special leave, holiday entitlement increasing with length of service, holiday trading, season ticket loans and online discounts and lifestyle management services.

Our approach to hybrid working seeks to combine and maximise the benefits of effective remote working with the benefits of being in the office. Our current hybrid working arrangements require office based working for a minimum of 60% of your time (i.e. three days per week for a full time role) in accordance with our hybrid working policy.






Related Jobs

View all jobs

Principal Security Architect

Senior Security Engineer

Senior Security Engineer

Senior Security Engineer

Cyber Security Architect

Cyber Security Architect

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

How to Present Cyber Security Solutions to Non-Technical Audiences: A Public Speaking Guide for Job Seekers

Cyber security is no longer just an IT issue—it’s a board-level priority. Whether you’re applying for a role in penetration testing, security operations, risk management, or compliance, your ability to clearly explain cyber threats and solutions to non-technical stakeholders is vital. This guide will help cyber security job seekers develop one of the most in-demand soft skills in the industry: public speaking. You’ll learn how to simplify complex concepts, structure effective presentations, use storytelling and analogies, and handle common stakeholder questions with confidence.

Cyber Security Jobs Employer Hotlist 2025: 50 UK Companies Actively Hiring Right Now

Bookmark this guide—refreshed every quarter—so you always know who’s really expanding their cyber security teams. Ransomware payouts broke records in 2024, the UK’s new Cyber Security Bill imposed mandatory breach disclosure, and the National Cyber Force’s move to Samlesbury has super‑charged the northern skills market. Result? Demand for security architects, SOC analysts, penetration testers, cloud‑security engineers, threat hunters & GRC specialists is at an all‑time high in 2025. Below you’ll find 50 organisations that have posted UK‑based cyber security vacancies or announced head‑count growth during the past eight weeks. They’re organised into five quick‑scan categories. For every employer you’ll see: Main UK hub Example live or recent vacancy Why it’s worth a look (tech stack, culture, mission) Search any company on CyberSecurityJobs.tech to view current ads, or set a free alert so fresh openings land straight in your inbox.

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.