We are looking for a Managing Security Architect to help embed security best practice and secure-by-design principles across a broad range of client engagements. Reporting to the Security Architecture Lead within Cyber Security, you will work closely with architects, delivery teams, and stakeholders across the organisation to ensure security is built into solutions from the outset, rather than added later. You will play a key role in shaping secure, practical, and business-aligned outcomes for our clients. In this role, you will develop security architecture blueprints and supporting documentation, including high-level and low-level designs, review proposed architectures, and carry out security gap analyses to inform remediation and roadmap planning. Using a risk-based approach and recognised security architecture frameworks, you will design controls that address both current and emerging cyber threats while supporting client business objectives. This is an exciting opportunity to lead from the front in cyber security and deliver meaningful value to our clients. This is a hybrid role, and travel is required to customer sites, which are predominantly based in the South of England. What you will be doing: Lead security activities for large client engagements, building strong and trusted relationships with both customers and internal stakeholders. Develop and maintain security control frameworks that align with client objectives, contractual obligations, and regulatory requirements. Analyse existing and proposed solution architectures to identify security risks, recommend mitigating controls, and apply secure architecture principles to strengthen security posture. Translate customer requirements into effective, innovative, and practical security solutions. Produce and review security architecture documentation, including high-level and low-level designs, implementation detail, and testing requirements. Lead security contributions to bids, proposals, and new business opportunities. Develop security control roadmaps that align organisational plans with regulatory, legal, and contractual requirements. Contribute actively to the Cyber Security Centre of Excellence. Promote awareness of emerging cyber threats, vulnerabilities, and industry best practice across the Cyber Security team and wider organisation. Support the growth and development of the Cyber Security team through mentoring, coaching, and recruitment support. What you bring: A strong track record in a Security Architecture role, including experience leading security work across large client engagements. The ability to understand complex technical and business information and communicate clearly with both technical and non-technical audiences. Strong knowledge of security architecture principles and frameworks, including SABSA and guidance from organisations such as NIST and NCSC. Experience designing and documenting effective security controls aligned to business objectives using a risk-based approach. Strong leadership, influencing, and stakeholder management skills. Excellent analytical and problem-solving capability, with the ability to assess complex situations, identify risks, and recommend practical solutions. Excellent written and verbal communication skills, with confidence engaging audiences from end users to executive leadership. Good project management skills, with the ability to manage multiple priorities and initiatives simultaneously. Strong client relationship management skills. The ability to work independently, using sound judgement and taking ownership of outcomes. A relevant cyber or information security qualification, such as CISSP, CCSK, CCSP, TOGAF, or SABSA. It would be great if you had: Cloud security reference architectures, such as AWS and Azure. NIST Cybersecurity Framework and SP 800-53 controls. NCSC guidance and standards. Secure-by-Design methodologies. Specialist security domains such as Identity and Access Management, Infrastructure Security, and Data Security. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Permanent Location: UK Mobile - travel required Security Clearance Level: Active SC and willingness to go through DV Internal Recruiter: Jane Salary: £80,000 to £90,000 Benefits: Bonus, 25 days annual leave with the choice to buy extra days,£5,400 car allowance, 3% flex fund, medical insurance, life assurance, and 6% pension Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
May 02, 2026
Full time
We are looking for a Managing Security Architect to help embed security best practice and secure-by-design principles across a broad range of client engagements. Reporting to the Security Architecture Lead within Cyber Security, you will work closely with architects, delivery teams, and stakeholders across the organisation to ensure security is built into solutions from the outset, rather than added later. You will play a key role in shaping secure, practical, and business-aligned outcomes for our clients. In this role, you will develop security architecture blueprints and supporting documentation, including high-level and low-level designs, review proposed architectures, and carry out security gap analyses to inform remediation and roadmap planning. Using a risk-based approach and recognised security architecture frameworks, you will design controls that address both current and emerging cyber threats while supporting client business objectives. This is an exciting opportunity to lead from the front in cyber security and deliver meaningful value to our clients. This is a hybrid role, and travel is required to customer sites, which are predominantly based in the South of England. What you will be doing: Lead security activities for large client engagements, building strong and trusted relationships with both customers and internal stakeholders. Develop and maintain security control frameworks that align with client objectives, contractual obligations, and regulatory requirements. Analyse existing and proposed solution architectures to identify security risks, recommend mitigating controls, and apply secure architecture principles to strengthen security posture. Translate customer requirements into effective, innovative, and practical security solutions. Produce and review security architecture documentation, including high-level and low-level designs, implementation detail, and testing requirements. Lead security contributions to bids, proposals, and new business opportunities. Develop security control roadmaps that align organisational plans with regulatory, legal, and contractual requirements. Contribute actively to the Cyber Security Centre of Excellence. Promote awareness of emerging cyber threats, vulnerabilities, and industry best practice across the Cyber Security team and wider organisation. Support the growth and development of the Cyber Security team through mentoring, coaching, and recruitment support. What you bring: A strong track record in a Security Architecture role, including experience leading security work across large client engagements. The ability to understand complex technical and business information and communicate clearly with both technical and non-technical audiences. Strong knowledge of security architecture principles and frameworks, including SABSA and guidance from organisations such as NIST and NCSC. Experience designing and documenting effective security controls aligned to business objectives using a risk-based approach. Strong leadership, influencing, and stakeholder management skills. Excellent analytical and problem-solving capability, with the ability to assess complex situations, identify risks, and recommend practical solutions. Excellent written and verbal communication skills, with confidence engaging audiences from end users to executive leadership. Good project management skills, with the ability to manage multiple priorities and initiatives simultaneously. Strong client relationship management skills. The ability to work independently, using sound judgement and taking ownership of outcomes. A relevant cyber or information security qualification, such as CISSP, CCSK, CCSP, TOGAF, or SABSA. It would be great if you had: Cloud security reference architectures, such as AWS and Azure. NIST Cybersecurity Framework and SP 800-53 controls. NCSC guidance and standards. Secure-by-Design methodologies. Specialist security domains such as Identity and Access Management, Infrastructure Security, and Data Security. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Permanent Location: UK Mobile - travel required Security Clearance Level: Active SC and willingness to go through DV Internal Recruiter: Jane Salary: £80,000 to £90,000 Benefits: Bonus, 25 days annual leave with the choice to buy extra days,£5,400 car allowance, 3% flex fund, medical insurance, life assurance, and 6% pension Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
As a Senior Security Engineer, you will be involved with the design, documentation and installation and management of security monitoring tools/platforms to provide data to the Sopra Steria Security Operational Centre (SOC) for analysis. Your role will be pivotal in ensuring that we have the correct tooling operating to ensure that we can provide protection and monitoring of our clients. You will collaborate with cross-functional teams to assess risks, design controls, and define testing requirements. Your leadership and expertise will be critical in fostering a strong culture of technology expertise and security by design across Sopra Steria. You will play a lead role in helping our clients understand their security challenges and then specify, plan and implement controls to improve their security posture. This is a superb opportunity to continue developing your hands-on experience in the field of cybersecurity while contributing to the overall security posture of the organisation. What you will be doing: Lead on security activities for large client engagements through creating and maintaining strong stakeholder relationships (customer and internal), developing a solution that align with overall objectives and contractual obligations. Identify and understand customer requirements and demonstrate creativity and innovation in applying solutions for the benefit of the customer. Identify and design solutions that understand customer requirements and apply industry best practice in solutions for the benefit of the customer. Collaborate with other team members to identify potential cyber risks, assess their impact and develop technical mitigation strategies. Working with Security Architecture to inform focused security solution design for SOC/SIEM solutions. Formulate security strategy, creatively applying a wide range of technical and/or management principles. Stay up to date with the latest cybersecurity threats, vulnerabilities, and industry standard methodologies, and provide recommendations for improvements. Lead security aspects of bid responses and opportunity identification. Demonstrate awareness of the latest cybersecurity threats, vulnerabilities and industry standard methodologies. Enable the development and growth of the Cyber Security team through mentoring of junior team members, supporting recruitment activities and encouraging engagement with the Cyber Security Community of Expertise. What you will bring: Successful track record leading teams within Security Engineering coupled with experience of leading large client engagements. Strong client management and relationship building experience. Ability to absorb complex information and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. Good project management skills, with the ability to balance multiple initiatives and priorities simultaneously. SIEM experience with Azure Sentinel and or Splunk. Experience of running simulated or reacting to actual incidents, following procedures and good practice to limit, reduce and remediate. Strong leadership, influencing and people management skills. Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective solutions. Excellent communication skills, both written and verbal, at all levels from Executives to end users. Demonstrate significant personal responsibility or autonomy, with little need for escalation. It would be great if you had: Cloud, on-prem, SaaS, PaaS, IaaS environments. Security incident response, code / malware analysis. Strong coding skills. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Permanent Location: Hertfordshire Security Clearance Level: willingness to go through SC Internal Recruiter: Jane Salary: Up to £75,000 Benefits: 25 days annual leave with the choice to buy extra days,£5,400 car allowance, Medical Insurance, life assurance, and 6% pension Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
May 02, 2026
Full time
As a Senior Security Engineer, you will be involved with the design, documentation and installation and management of security monitoring tools/platforms to provide data to the Sopra Steria Security Operational Centre (SOC) for analysis. Your role will be pivotal in ensuring that we have the correct tooling operating to ensure that we can provide protection and monitoring of our clients. You will collaborate with cross-functional teams to assess risks, design controls, and define testing requirements. Your leadership and expertise will be critical in fostering a strong culture of technology expertise and security by design across Sopra Steria. You will play a lead role in helping our clients understand their security challenges and then specify, plan and implement controls to improve their security posture. This is a superb opportunity to continue developing your hands-on experience in the field of cybersecurity while contributing to the overall security posture of the organisation. What you will be doing: Lead on security activities for large client engagements through creating and maintaining strong stakeholder relationships (customer and internal), developing a solution that align with overall objectives and contractual obligations. Identify and understand customer requirements and demonstrate creativity and innovation in applying solutions for the benefit of the customer. Identify and design solutions that understand customer requirements and apply industry best practice in solutions for the benefit of the customer. Collaborate with other team members to identify potential cyber risks, assess their impact and develop technical mitigation strategies. Working with Security Architecture to inform focused security solution design for SOC/SIEM solutions. Formulate security strategy, creatively applying a wide range of technical and/or management principles. Stay up to date with the latest cybersecurity threats, vulnerabilities, and industry standard methodologies, and provide recommendations for improvements. Lead security aspects of bid responses and opportunity identification. Demonstrate awareness of the latest cybersecurity threats, vulnerabilities and industry standard methodologies. Enable the development and growth of the Cyber Security team through mentoring of junior team members, supporting recruitment activities and encouraging engagement with the Cyber Security Community of Expertise. What you will bring: Successful track record leading teams within Security Engineering coupled with experience of leading large client engagements. Strong client management and relationship building experience. Ability to absorb complex information and communicate effectively at all levels to both technical and non-technical audiences, assess and evaluate risk and understand the implications of new technologies. Good project management skills, with the ability to balance multiple initiatives and priorities simultaneously. SIEM experience with Azure Sentinel and or Splunk. Experience of running simulated or reacting to actual incidents, following procedures and good practice to limit, reduce and remediate. Strong leadership, influencing and people management skills. Excellent analytical and problem-solving skills coupled with ability to assess complex situations, identify risks, and recommend effective solutions. Excellent communication skills, both written and verbal, at all levels from Executives to end users. Demonstrate significant personal responsibility or autonomy, with little need for escalation. It would be great if you had: Cloud, on-prem, SaaS, PaaS, IaaS environments. Security incident response, code / malware analysis. Strong coding skills. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Permanent Location: Hertfordshire Security Clearance Level: willingness to go through SC Internal Recruiter: Jane Salary: Up to £75,000 Benefits: 25 days annual leave with the choice to buy extra days,£5,400 car allowance, Medical Insurance, life assurance, and 6% pension Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
We are looking for a Managing Security Engineer to lead the design, implementation and documentation of enterprise security monitoring platforms. This is a key technical leadership role, responsible for ensuring the right tooling, controls and processes are in place to help protect and monitor our clients' environments. This opportunity is ideally suited to someone with strong hands-on experience deploying and managing Splunk at enterprise scale. In return, the role offers the chance to broaden your capability and gain deeper experience in Elastic Security, with support to build your expertise further. You will work closely with cross-functional teams to assess risk, design effective security controls and define testing requirements. You will champion security by design, promote engineering excellence and act as a trusted advisor to clients, helping them understand their security challenges and implement practical, effective solutions to strengthen their security posture. This is an excellent opportunity to deepen your hands-on cybersecurity expertise while making a meaningful impact across both client and organisational security. This role is permanent and requires full-time, on-site working in Hemel Hempstead. The successful candidate may also participate in an out-of-hours call-out rota. What you will be doing: Lead the deployment, management and optimisation of Splunk Enterprise and Splunk ES platforms in large, complex environments. Support and develop capability in Elastic Stack / Elastic Security, with training and upskilling provided as needed. Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor, tune and retire, using version control and rollback processes. Automate workflows and platform configurations using CI/CD, SOAR, scripting and Infrastructure as Code tools such as Terraform and Ansible. Ensure platform performance, stability and resilience through capacity planning, high availability, disaster recovery and proactive monitoring. Provide technical leadership and guidance to internal teams and clients on security monitoring strategy and best practice. What you will bring: Proven experience deploying and managing Splunk at enterprise scale. Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning to reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM platform operations, including clustering, scaling, high availability, disaster recovery and performance optimisation. Strong problem-solving skills and a proactive approach to improving security operations. An interest in developing expertise in Elastic Security, with support and training available as part of the role. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full Time, Permanent Location: Hemel Hempstead Security Clearance Level: DV Cleared Internal Recruiter: Jane Salary: from £DOE Benefits: £5400 Car Allowance, 25 days annual leave with the option to buy additional days, private health care, life assurance, pension, and generous flexible benefits fund Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
May 02, 2026
Full time
We are looking for a Managing Security Engineer to lead the design, implementation and documentation of enterprise security monitoring platforms. This is a key technical leadership role, responsible for ensuring the right tooling, controls and processes are in place to help protect and monitor our clients' environments. This opportunity is ideally suited to someone with strong hands-on experience deploying and managing Splunk at enterprise scale. In return, the role offers the chance to broaden your capability and gain deeper experience in Elastic Security, with support to build your expertise further. You will work closely with cross-functional teams to assess risk, design effective security controls and define testing requirements. You will champion security by design, promote engineering excellence and act as a trusted advisor to clients, helping them understand their security challenges and implement practical, effective solutions to strengthen their security posture. This is an excellent opportunity to deepen your hands-on cybersecurity expertise while making a meaningful impact across both client and organisational security. This role is permanent and requires full-time, on-site working in Hemel Hempstead. The successful candidate may also participate in an out-of-hours call-out rota. What you will be doing: Lead the deployment, management and optimisation of Splunk Enterprise and Splunk ES platforms in large, complex environments. Support and develop capability in Elastic Stack / Elastic Security, with training and upskilling provided as needed. Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor, tune and retire, using version control and rollback processes. Automate workflows and platform configurations using CI/CD, SOAR, scripting and Infrastructure as Code tools such as Terraform and Ansible. Ensure platform performance, stability and resilience through capacity planning, high availability, disaster recovery and proactive monitoring. Provide technical leadership and guidance to internal teams and clients on security monitoring strategy and best practice. What you will bring: Proven experience deploying and managing Splunk at enterprise scale. Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning to reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM platform operations, including clustering, scaling, high availability, disaster recovery and performance optimisation. Strong problem-solving skills and a proactive approach to improving security operations. An interest in developing expertise in Elastic Security, with support and training available as part of the role. If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full Time, Permanent Location: Hemel Hempstead Security Clearance Level: DV Cleared Internal Recruiter: Jane Salary: from £DOE Benefits: £5400 Car Allowance, 25 days annual leave with the option to buy additional days, private health care, life assurance, pension, and generous flexible benefits fund Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
