IT Risk Advisor specialising in secure-by-design architecture to provide technical security oversight across both project delivery and BAU operations. This role sits within technology governance, ensuring robust, proportionate security controls are embedded across evolving environments.

You will work closely with architects, engineers, and operational teams to influence design decisions, review risk, and ensure security is consistently integrated without impacting delivery pace.

Security Architecture Governance:

• Define and maintain security architecture patterns, standards, and reference designs across cloud and on-prem environments.
• Establish secure configuration baselines and promote consistent adoption.
• Contribute to architecture governance forums (e.g. Architecture Review Board).
• Review and assess high-risk design exceptions, ensuring risks are understood and managed.
• Drive adoption of secure-by-design principles across engineering teams.

Project Security Advisory:

• Provide hands-on security architecture guidance to delivery teams.
• Conduct threat-informed design reviews and support appropriate control selection.
• Apply secure patterns, reference architectures, and hardening standards.
• Enable early engagement to minimise downstream risk and rework.

Operational Security Oversight (BAU):

• Participate in Change Advisory Boards, providing security review and challenge.
• Review and approve high-risk firewall and configuration changes.
• Assess configurations across cloud (Azure) and on-prem infrastructure.
• Identify misconfigurations and exposure risks against defined baselines.
• Support prioritisation and remediation of high-risk and zero-day vulnerabilities.
• Provide pragmatic, operationally aligned security recommendations.
• Help reduce attack surface and improve resilience across IT operations.

Desirable Skills & Experience:

• Previous experience in a security architect or similar role.
• Knowledge of regulatory frameworks (e.g. NIS2, Cyber Resilience Act).
• Industry certifications such as CISSP, GICSP, or equivalent.
• Degree in Computer Science, Information Security, or relevant discipline.

TMM Recruitment INDIT