Contract

Security Architect

Bristol

£600 - £601/day

225112550

Posted 2 weeks ago

Security Architect
2-3 days Bristol then rest remote
6 months likely extension
-600pd outside IR35
Active DV or SC clearance required

Key Responsibilities

Architecture & Design

Develop secure architecture designs for container platforms (e.g., Kubernetes, OpenShift, Docker).
Architect and strengthen security controls across virtualisation technologies, including VMware, Hyper?V, and cloud-native virtualisation frameworks.
Produce high-quality HLDs/LLDs, security patterns, and architectural governance artefacts.
Ensure designs align with NCSC guidance, industry best practices (e.g., CIS Benchmarks), and organisational policy.

Security Assurance

Conduct security assessments and threat modelling against containerised and virtualised workloads.
Validate platform configurations against security baselines, compliance frameworks, and risk appetite.
Provide expert guidance during project delivery to ensure security by design principles are followed.
Support accreditation activities and ensure all architectural documentation meets government standards.

DevSecOps & Platform Security

Embed security controls within CI/CD pipelines.
Advise on secure container image lifecycle management (build, scan, deploy, retire).
Evaluate and implement tools for:
- Container security scanning (e.g., Trivy, Aqua, Twistlock)
- Runtime protection and workload isolation
- Secrets and identity management (Vault, KMS, etc.)
Define security controls for ingress/egress, service mesh, and inter?container communications.

Stakeholder Engagement

Work closely with engineering, infrastructure, and security operations teams.
Act as SME for containerisation and virtualisation security.
Communicate complex technical concepts to both technical and non?technical stakeholders.
Influence and guide senior leadership on architectural decisions and risk.

Essential Skills & Experience

Active SC Clearance (minimum).
Proven track record as a Security Architect in large-scale or secure environments.
Deep technical knowledge of:
- Kubernetes, Docker, and container orchestration platforms.
- Virtualisation platforms such as VMware vSphere/ESXi, Hyper?V, or KVM.
- Cloud platforms (AWS, Azure, GCP) and container services (AKS/EKS/GKE).
Strong understanding of:
- Network and infrastructure security
- Zero Trust principles
- Identity and Access Management (IAM)
- Secrets management
- Workload isolation and micro?segmentation
Knowledge of security standards and frameworks:
- NIST, ISO 27001, CIS Benchmarks
- NCSC Cloud Security Principles
- Government Security Classifications Policy

Desirable Skills

Experience with OpenShift or enterprise Kubernetes distributions.
Hands?on security tooling (Falco, Istio, Calico, etc.).
Experience with SAST/DAST, SBOMs, and software supply chain security.
Familiarity with automation tooling (Terraform, Ansible, Helm).
Certifications such as:
- CCSK / CCSP
- CISSP
- CISM
- Kubernetes Security Specialist (CKS)
- VMware security-related certifications

If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.

View Full Details Save