Interested in this role?
Subscribe to newsletter
Key Responsibilities:
Security Architecture & Strategy
· Define and own iplicit’s security architecture vision, aligned to a modern cloud-native SaaS and Zero Trust operating model.
· Embed security architecture principles into Platform 2.0, ensuring secure-by-design patterns are adopted across all domains.
· Translate findings from independent security reviews into durable architectural controls and remediation plans.
· Act as the single point of accountability for security architecture decisions and trade-offs.
Zero Trust & Identity-Centric Security
· Design and evolve a Zero Trust reference architecture across Azure, identity, network, application, and data layers.
· Ensure strong alignment between identity, access control, device posture, and conditional access using Entra ID, Intune, and related controls.
· Defineguardrails and patterns for least-privilege access, service identity, andworkload isolation.
Threat Modelling & Risk Management
· Leadstructured threat modelling across platform components, data flows, andintegrations.
· Identifyhigh-risk vulnerabilities and systemic weaknesses, prioritising remediationbased on business risk.
· Partnerwith Engineering and Product to ensure security risks are understood andaddressed early in design.
SOC & Operational Security Enablement
· Define the security operating model for detection, response, and escalation, aligned to SOC readiness.
· Provide architectural oversight for Microsoft Sentinel, Defender, and security telemetry design.
· Support incident response planning, post-incident reviews, and continuous improvement.
Governance,Compliance & Assurance
· Own security architecture inputs to ISO 27001 and related assurance activities.
· Ensure security controls are well-documented, auditable, and consistently applied.
· Align platform security design with recognised standards and best practice (e.g. NIST, Zero Trust frameworks).
· Demonstrates a commitment to the ethical and responsible use of Artificial Intelligence in the workplace. The successful candidate will be expected to understand and adhere to the company's Artificial Intelligence Policy and broader Integrated Management System (IMS) procedures. This includes remaining vigilant and proactively reporting any AI-related anomalies, information security events, or operational weaknesses
Enablement & Collaboration
· Act as a trusted security advisor to Engineering Squads, enabling secure delivery without unnecessary friction.
· Define reusable security patterns, reference designs, and architectural guidance.
· Raisesecurity maturity across Engineering through pragmatic coaching and influence.
Core Competencies:
Essential Skills & Experience
· Proven experience as a Security Architect or senior security specialist within a cloud-native SaaS environment.
· Strong expertise in Zero Trust architecture and identity-centric security models.
· Deep experience with Microsoft Azure security services (e.g. Entra ID, Defender, Sentinel, networking and platform security).
· Hands-on experience leading threat modelling and risk-based security design.
· Strong understanding of SaaS security concerns including multi-tenancy, data protection, and platform resilience.
· Experience supporting ISO 27001 or equivalent security frameworks.
Leadership & Communication
· Ability to influence senior technical and non-technical stakeholders.
· Comfortable operating as a design authority rather than an enforcement function.
· Pragmatic, delivery-focused mindset with strong commercial awareness.
Preferred Skills & Experience
· Experience operating enterprise grade SaaS and PaaS platforms in the cloud (Azure preferred).
· Financial systems or ERP domain experience.
· Experience working with external security assessors or auditors.
· Degree in Cyber-Security, Computer Science or equivalent experience.
Apply now
If you'd like to apply for this role, please complete the form with your contact details and application documents. Our people team will be in touch.