Security Architect

Lead Security Architect The Opportunity Albany Beck is partnering with a global Investment Bank to deliver a critical Protocol Analysis & Remediation programme. We’re looking for a Lead Security Architect with deep technical expertise and a strategic mindset to drive the design and implementation of security controls focused on reducing the risk of attackers moving undetected between systems within the organisation’s network This is a hands-on architecture role where you'll lead discovery, design, and implementation efforts, playing a vital role in reducing risk and progressing toward a Zero Trust framework. Key Responsibilities Lead the development of robust security architectures to detect, prevent and contain lateral movement between endpoints and workloads. Drive the discovery phase by analysing logs (via Azure Log Analytics) and auditing configurations to identify vulnerabilities and insecure protocols. Define and present security architecture designs and risk reduction recommendations to Cyber Security Architecture and Engineering teams for sign-off. Collaborate with Linux and Windows SMEs to implement secure configurations and protocol controls. Architect and enforce network segmentation and access control models. Conduct security assessments, provide remediation strategies, and guide stakeholders in secure design principles. Stay current on threats, attack vectors, and mitigation techniques to future-proof the organisation’s security posture. Experience & Knowledge: 8 years in Information Security with a strong architecture focus. Expert in lateral movement risks, network segmentation, and endpoint security. Deep familiarity with security frameworks: NIST, ISO 27001, Zero Trust. Extensive experience with Windows and Linux hardening. Skilled in protocol analysis, network architecture, and infrastructure design. Technical Toolkit: Strong command of Azure Log Analytics, KQL, and Azure-based security tools. Scripting: Python, PowerShell, Shell. Experience with IDS/IPS, firewalls, SIEMs, and vulnerability management tools. Strong grasp of Active Directory, Azure AD, and identity access governance. Familiarity with secure infrastructure platforms: SQL Server, Oracle, HA clustering.