Product Security Architect

Job Title: Product Security Architect (Contract)

Location: UK-based / Remote

Contract: 3 months initially, Outside IR35

Why Apply?

This is an opportunity to play a key role in shaping Product Security for an international technology organisation. The role offers exposure to a federated environment across multiple business units, providing strategic influence and hands on technical impact.

Responsibilities:

• Define, lead, and evolve a group-wide Product Security and Secure SSDLC strategy across all business units.
• Assess current AppSec capabilities, identify gaps, and implement practical, scalable improvements.
• Collaborate with Product Architects, engineering, and security teams to integrate security into GitHub, CI/CD pipelines, and development workflows.
• Provide architecture guidance and implement secure coding practices, threat modelling, and security tooling.
• Partner with stakeholders to define AppSec KPIs, monitor metrics, and report on security posture.
• Oversee Secure by Design initiatives, including project execution, vendor management, and integration with third-party tools.
• Advise on regulatory compliance, secure infrastructure as code, APIs, and modern DevSecOps principles.

Requirements:

• 8+ years' experience in software development and application security, with recent experience in AppSec leadership or Security Architecture roles.
• Proven experience in embedding security practices into enterprise scale product development.
• Expertise in secure software development lifecycle, threat modelling, and security architecture.
• Strong GitHub knowledge, including security architecture for CI/CD pipelines.
• Experience with AppSec tooling.
• Familiarity with DevSecOps practices, cloud-native environments, and container security.
• Professional security certifications highly desirable (CISSP, CSSLP, CISM, or AppSec-specific).
• Experience in federated environments, regulated industries, or large enterprises is advantageous.
• Excellent communication skills for collaborating with technical teams and business leaders.

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.