Lead Security Solution Architect- PAM

Posted 25 September 2025
Salary £550 per day
LocationSheffield
Job type Permanent
Discipline TechnologyCommodities and Financial Services

Job description

Project Overview

CLIENT is working on a strategic Identity and Access Management programme and is re-shaping the way Authentication, Federation, Privileged Access Management, Access Governance, Secrets Management and API Security is done across the bank. One of the pillars of that programe is Privileged Access Management (PAM).

CLIENT is working on uplifting controls and capabilities in privileged access for the Group and introducing the strategic password vaulting solution that will enable to meet strategic requirements.

We are seeking an experienced Lead Security Solution Architect that can complement an existing team of Solution Architects to progress with designs of different components of the PAM solution and other supporting systems it will need to integrate with as part of the end-to-end journey.

Security Solution Architects manage end-to-end solution design and are responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, Security Solution Architects will be required to record key decisions, design deviations, and technical risks and issues where appropriate. Security Solution Architects should be comfortable presenting and sharing solutions at design authorities and senior leadership & stakeholders.

The Lead Security Solution Architect will provide technical thought leadership and direction to their project team and may represent the project / programme as subject matter expert. This role will require someone experienced in managing a team of on-shore and off-shore resources to deliver High- and Low-level designs to the required quality and standard.

Principal Preferred Requirements

Cybersecurity Expertise:

  • Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud

  • Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level

  • Experience in both operational and transformation cybersecurity roles or a clear working understanding of both perspectives

  • Experience working in large-scale IT transformation programmes

  • Experience working with PAM solutions such as CyberArk, Centrify, Delinea and OneIdentity

  • Preparing end-to-end configuration of the strategic PAM capability – including on-prem deployments as well as Cloud native toolings

  • Assisting in preparation of demonstrable journeys on the configured PAM tooling

Platform & Technology:

  • BizzDesign, Archi, or generic UML visualisation experience for high-level designs

  • High proficiency and expertise in Jira for project & tasks management

  • Working proficiency in Confluence for documentation

Principal Accountabilities and Responsibilities

Architecture & Design:

  • Produce, manage, and update end-to-end solution designs in line with reference architecture & business requirements (including High and Low Level Designs

  • Articulate and publish key design decision records and options to ensure all solutions follow a logical, transparent decision-making process

  • Articulate, publish, and ensure approval of any design deviations resulting in technical debt

  • Ensure any technical risks or issues arising from a solution design are recorded and mitigated.

  • Produces, manages and translates the requirements into the architecture for that solution, ensuring technology and services meet the customer needs and expected business outcomes

  • Ensures the design of the solutions are efficient, timely and cost effective throughout the project lifecycle

  • Clear understanding of both the motivations of the business and technical security

  • Promote strong documentation and clerkship

Governance:

  • Ensures all high-level designs, architecture patterns, decision records, deviation requests, and technical risks or issue records undergo architectural and project governance processes

  • Ensure all architecture artefacts undergo appropriate peer review prior to design authority presentation

  • Present publications at technical design authorities for input, feedback, and approval

Risk and Dependency Management:

  • Effectively manages and escalates both technical and project risks or issues

  • Articulates solutions and remediation steps to technical risks & issues

  • Ability to map design decisions to resultant technical risks & issues to articulate the cause and rationale which leads to any negatively impacting change

Leadership & Teamwork

  • Provides technical thought leadership to the Design Team and the Project

  • Ability to manage a project team of technical architects, engineers, and/or analysts

  • Ability to take a deputised role in programme management-related tasks where necessary

Qualifications & Certifications:

  • Masters or doctorate degree in cybersecurity, computer science, software engineering, or related field

  • CISSP/CISM certification or other broad cybersecurity industry-recognised certificate

  • SABSA or TOGAF certified preferred

Inside IR35

6 Months

3 days/week onsite