Security Architect (Infrastructure & Network Security) - freelance - hybrid, London, UK
Contract Comgent United Kingdom
Posted On 03/09/2026
Job Information
Standard Business working Hours Yes
Work Experience 8-10
City London
State/Province City of London
N/A
Special Considerations
We are committed to building an inclusive workplace and encourage applications from women and other under-represented groups in tech. All qualified candidates are welcome.
Start date: Apr/ May 2026
Location: London, UK (Hybrid - minimum 2 days per week in office)
Job Description
The organisation currently lacks formal security architecture governance at the infrastructure level - there are no documented security standards guiding network or infrastructure design. This role will establish that function, ensuring all new infrastructure designs conform to defined security standards and that the organisation's security posture improves in step with the broader transformation programme. Key responsibilities Define and document infrastructure security architecture standards and principles aligned to industry frameworks Review and provide security sign-off on network and infrastructure designs as part of the transformation programme.
Key responsibilities
- Define and document infrastructure security architecture standards and principles aligned to industry frameworks.
- Review and provide security sign-off on network and infrastructure designs as part of the transformation programme.
- Identify security gaps across the current environment (network, server, voice, hosting) and produce a prioritised remediation roadmap.
- Work with the CISO function to establish technical security policies where none currently exist.
- Evaluate and rationalise the existing security tooling estate (firewalls, network security tools, monitoring).
- Provide guidance on firewall architecture (Palo Alto migration from ASA, segmentation strategy).
- Advise on secure cloud architecture and landing zone design for hybrid/multi-cloud environments.
- Support procurement and vendor selection with security assessment criteria.
Requirements Technical Requirements
- Strong network security architecture skills: firewall design, micro-segmentation, DMZ architecture, east-west traffic control
- Palo Alto Networks (PA-40 series): policy design, migration from legacy ASA
- Understanding of regulatory requirements applicable to financial services (FCA, PRA, JFSA reporting obligations)
- Knowledge of security frameworks: NIST, ISO 27001, CIS Controls
- Cloud security: Azure, AWS security architecture, secure landing zones
- Vulnerability management, threat modelling, and security risk assessment
- Experience defining and implementing security policies for hybrid environments
Advantageous
- CISSP, CISM, or equivalent professional qualification
- Experience with network automation and security orchestration
- Familiarity with SIEM, NDR, or network observability tooling
- Understanding of trading floor and financial services technology risk
- Able to operate without pre-existing governance frameworks and build structure from scratch
- Pragmatic risk-based approach to security - able to prioritise and communicate trade-offs
- Strong stakeholder management skills, including engagement with C-suite and regulatory audiences
- Commercial awareness - able to assess security tooling value and total cost of ownership