Principal, Cloud Security Architect (Director Level), Global Cyber Security, RBC Brewin Dolphin[…]

Company: RBC
Apply for the Principal, Cloud Security Architect (Director Level), Global Cyber Security, RBC Brewin Dolphin[…]
Location: London
Job Description:

Overview

The Principal Cloud Security Architect will lead the design, engineering, and delivery of cloud security solutions across RBC’s Azure enterprise environment.

The Principal Cloud Security Architect will lead the design, engineering, and delivery of cloud security solutions across RBC’s Azure enterprise environment. This role owns end-to-end security architecture and hands-on implementation, drives enterprise-scale operationalisation of cloud security capabilities, embeds security into CI/CD pipelines and infrastructure-as-code, and partners with Regulatory, Compliance, and Audit functions to ensure controls meet regulatory frameworks and industry standards. The ideal candidate combines deep technical expertise with strategic leadership—equally comfortable whiteboarding architecture, writing the Terraform to implement it, and guiding teams through complex security transformations at scale.

What will you do? If shortlisted, please let us know if you have any specific requirements for the interview. This is a permanent, full-time role and requires 4 days at our 10 Fenchurch Avenue, London office.

Responsibilities

  • Strategic Leadership & Architecture
  • Lead efforts to secure Azure cloud platform at RBC Brewin Dolphin, serving as the primary security subject matter expert for Azure-native services, identity, networking, and data protection controls.
  • Lead, execute, and deliver on Cloud Security strategy and initiatives with measurable outcomes
  • Build, innovate, and mature Cloud Security Capabilities at RBC Brewin Dolphin.
  • Lead the development of end-to-end technical cloud security design and architecture to ensure safe application on-boarding to meet sponsor/stakeholder needs, without impacting planned time to market timelines.
  • Conduct threat modeling, security architecture assessments, and cloud service security reviews to ensure alignment with industry best practices and RBC’s risk appetite.

Hands-On Technical Implementation

  • Architect and drive security strategy for Azure Kubernetes Service (AKS) and OpenShift Container Platform, including cluster hardening, admission control, runtime security, image assurance, network policy, secrets management, and workload identity.
  • Define and implement security controls for Azure infrastructure supporting AI/ML workloads, including compute provisioning, networking, storage, identity, and platform services (Microsoft Foundry/Azure OpenAI Service, Azure Machine Learning).
  • Lead the enterprise deployment and operationalisation of Wiz CNAPP, including CSPM, CWPP, CIEM, DSPM, and container/Kubernetes security capabilities—driving policy-as-code, risk prioritisation, and remediation workflows at scale.
  • Embed security into CI/CD pipelines and software supply chain (GitHub Actions, Terraform, ArgoCD, Helm) through automated scanning, policy enforcement, IaC security validation, and shift-left developer tooling.

Automation & Controls Development

  • Lead and build preventative and detective controls/measures according to RBC Brewin Dolphin’s cloud control objectives while using modern automation, config as code, and TDD principles to bring reliability.
  • Lead and build automated reporting and monitoring solutions to provide feedback to developers and help them shift left and recognise security gaps early.
  • Experience in hardening and safeguarding cloud services and preventing config drift with native or third-party tools (CSPM, IaaC, linter).
  • Architect, engineer, and deploy cloud security solutions end-to-end—owning the full lifecycle from design through implementation, testing, and production delivery.

Collaboration & Governance

  • Partner with Regulatory, Compliance, and Audit teams to ensure cloud security controls satisfy industry standards, SOX, PCI-DSS, and internal risk frameworks—translating regulatory expectations into technical control implementations and evidence automation.
  • Communicate and collaborate with application developers to remediate security vulnerabilities for their applications and/or resources.
  • Work with cloud stakeholders to design, build, and validate Cloud Security controls.
  • Ability to partner effectively with key stakeholders on complex projects with excellent communication, facilitation, and presentation skills.

What do you need to succeed?

Must-have

  • Demonstrable experience in Cyber Security, with a focus on cloud security architecture and engineering.
  • Deep hands-on expertise with Microsoft Azure security (Defender for Cloud, Entra ID, Azure Policy, Network Security Groups, Private Link, Key Vault).
  • Strong knowledge and experience of cloud security frameworks and governance practices with extensive hands-on experience with Azure cloud platform.
  • Strong experience securing Kubernetes at scale with AKS and/or OpenShift Container Platform—including admission controllers, OPA/Gatekeeper/Kyverno, service mesh security, and runtime protection.
  • Hands-on experience with Wiz CNAPP (or equivalent CNAPP platform) in a large enterprise environment, including policy authoring, risk scoring, and integration with ticketing/remediation workflows.
  • Experience securing CI/CD pipelines and infrastructure-as-code—GitHub Actions, Terraform (including Sentinel/OPA policy), container image pipelines, artifact signing, and SBOM generation.
  • Demonstrated ability to operate as both a security architect and hands-on practitioner—willing to roll up sleeves and write IaC, policy-as-code, automation scripts, or pipeline configurations when needed.
  • Demonstrated experience making architectural decisions based on simplicity, industry frameworks, scalability, and reusability.
  • Ability to partner effectively with key stakeholders on complex programs with excellent communication, facilitation, and presentation skills.

Nice-to-have

  • Experience securing Azure infrastructure for AI/ML workloads—GPU-enabled VMs/node pools, high-bandwidth networking, large-scale storage, and managed AI platform services from a compute, network, and identity perspective.
  • Recognisable security-related industry certifications (CISSP, CCSP, CCSK, OSCP).
  • Azure security certifications (SC-500, SC-100).
  • Kubernetes certifications (CKA, CKS) or Wiz certifications.

What is in it for you?

We thrive on the challenge to be our best – progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

  • A comprehensive Total Rewards Program including bonuses, flexible benefits and competitive compensation
  • Leaders who support your development through coaching and managing opportunities
  • Opportunities to work with the best in the field
  • Ability to make a difference and lasting impact
  • Work in a dynamic, collaborative, progressive, and high-performing team
  • A world-class training program in financial services.

Agency Notice

RBC Group does not accept agency resumes. Please do not forward resumes to our employees, nor to any other company location. RBC Group only pays fees to agencies where they have entered into a prior agreement to do so and in any event do not pay fees related to unsolicited resumes. Please contact the Recruitment function for additional details.

Job Skills

Architectural Modeling, Azure Kubernetes Service (AKS), Cloud Security Architecture, Cybersecurity, Cyber Security Management, Decision Making, Enterprise IT Architecture, GitHub Actions, Information Security Management, Information Technology Security, Infrastructure As Code (IaC), IT Security Architecture, Kubernetes, Microsoft Azure Security, Multi-Level Communication, Security Architecture Design

Additional Job Details

  • Address: 10 FENCHURCH AVENUE: LONDON
  • City: London
  • Country: United Kingdom
  • Work hours/week: 35
  • Employment Type: Full time
  • Platform: TECHNOLOGY AND OPERATIONS
  • Job Type: Regular
  • Pay Type: Salaried
  • Posted Date: 2026-05-28
  • Application Deadline: 2026-06-11
  • Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

#J-18808-Ljbffr…

Posted: June 3rd, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire