Security Architect
2-3 days Bristol then rest remote | 6 months, likely extension | £600pd outside IR35 | Active DV or SC clearance required
Key Responsibilities
- Architecture Design
  - Develop secure architecture designs for container platforms (e.g., Kubernetes, OpenShift, Docker).
  - Architect and strengthen security controls across virtualisation technologies, including VMware, Hyper-V, and cloud-native virtualisation frameworks.
  - Produce high-quality HLDs/LLDs, security patterns, and architectural governance artefacts.
  - Ensure designs align with NCSC guidance, industry best practices (e.g., CIS Benchmarks), and organisational policy.
- Security Assurance
  - Conduct security assessments and threat modelling against containerised and virtualised workloads.
  - Validate platform configurations against security baselines, compliance frameworks, and risk appetite.
  - Provide expert guidance during project delivery to ensure security by design principles are followed.
  - Support accreditation activities and ensure all architectural documentation meets government standards.
- DevSecOps Platform Security
  - Embed security controls within CI/CD pipelines.
  - Advise on secure container image lifecycle management (build, scan, deploy, retire).
  - Evaluate and implement tools for:
    - Container security scanning (e.g., Trivy, Aqua, Twistlock)
    - Runtime protection and workload isolation
    - Secrets and identity management (Vault, KMS, etc.)
  - Define security controls for ingress/egress, service mesh, and inter-container communications.
Stakeholder Engagement
- Work closely with engineering, infrastructure, and security operations teams.
- Act as SME for containerisation and virtualisation security.
- Communicate complex technical concepts to both technical and non-technical stakeholders.
- Influence and guide senior leadership on architectural decisions and risk.
Essential Skills Experience
- Active SC Clearance (minimum).
- Proven track record as a Security Architect in large-scale or secure environments.
- Deep technical knowledge of:
  - Kubernetes, Docker, and container orchestration platforms.
  - Virtualisation platforms such as VMware vSphere/ESXi, Hyper-V, or KVM.
  - Cloud platforms (AWS, Azure, GCP) and container services (AKS/EKS/GKE).
- Strong understanding of:
  - Network and infrastructure security
  - Zero Trust principles
  - Identity and Access Management (IAM)
  - Secrets management
  - Workload isolation and micro-segmentation
- Knowledge of security standards and frameworks:
  - NIST, ISO 27001, CIS Benchmarks
  - NCSC Cloud Security Principles
  - Government Security Classifications Policy
Desirable Skills
- Experience with OpenShift or enterprise Kubernetes distributions.
- Hands-on security tooling (Falco, Istio, Calico, etc.).
- Experience with SAST/DAST, SBOMs, and software supply chain security.
- Familiarity with automation tooling (Terraform, Ansible, Helm).
- Certifications such as:
  - CCSK / CCSP
  - CISSP
  - CISM
  - Kubernetes Security Specialist (CKS)
  - VMware security-related certifications
If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.
