LAP Security Architect
- Posted January 16, 2026
- £500 - £750 per day
- Remote - ad-hoc onsite in London
- Contract
AP Security Architect Requirement
- Rate: Flexible
- Location: Remote, with ad hoc travel to London
- Duration: 6 months initially
You will be supporting a Legacy Application program in upgrading hundreds of business applications across Wintel, Linux and cloud environments.
Core Competencies
- Legacy System Modernisation: Proven experience in upgrading legacy applications while maintaining operational continuity, including migration strategies for Wintel-to-cloud or Linux-to-cloud transitions.
- Secure Architecture Design: Ability to create architecture patterns for hybrid environments (on-premises, cloud) and enforce secure-by-design principles (e.g., NIST, ISO 27001).
- ITHC Leadership: CREST/CHECK-accredited experience conducting or supporting pre- and post-deployment security assessments, vulnerability management, and remediation planning.
Technical Experience
- Wintel/Linux: Securing legacy applications via patching, hardening, and privilege management (e.g., Active Directory, SELinux).
- Cloud (AWS/Azure/GCP): Designing IAM policies, encryption (FIPS 140-validated modules), and network segmentation for hybrid environments.
- DevSecOps: Integrating SAST/DAST tools into CI/CD pipelines and automating compliance checks.
Security Documentation
- Threat Modeling: Using frameworks to identify risks in legacy-to-modern transitions.
- Security Control Sets: Defining controls for data encryption, access management, and audit logging aligned with NCSC guidelines.
- ITHC Reports: Delivering CHECK-compliant reports with actionable remediation plans.
- Align audit outcomes with organisational risk appetite, ensuring legacy system upgrades mitigate critical threats (e.g., unauthorised access, data leakage).
- Audit risk registers and treatment plans to confirm they address legacy technical debt and transformation uncertainties.
Government Compliance
- Standards: Familiarity with HMG Security Policy Framework, NCSC Cloud Principles, and Secure by Design activities.
- Certifications (some of the following): CISSP, CCSP, SABSA Chartered Security Architect (SCF/SCP), CSSLP, CASP+, GIAC GDSA.
Programme Delivery Skills
- Stakeholder Collaboration: Leading cross-functional teams (developers, ops, risk owners) to align security with business objectives.
- Risk Appetite Management: Balancing security requirements with project timelines and budgetary constraints.
- Threat assessments and risk registers.
- Security Controls Statement of Applicability.
- Pre- and post-ITHC compliance reports.
UK Government Experience: Preferred to have 3 years' previous experience supporting UK Government departments as a Security Architect.
Reasonable Adjustments:
Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.
If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.
