An exciting opportunity has arisen for an experienced Zero Trust Architect to join a forward-thinking organisation delivering large-scale cyber security transformation programmes across enterprise environments.
This role is ideal for a security professional who is passionate about designing and implementing modern, identity-centric security architectures while helping organisations transition toward secure, cloud-first operating models. The successful candidate will play a critical role in shaping Zero Trust strategies, modernising secure access frameworks, and enhancing enterprise-wide cyber resilience.
Working alongside infrastructure, networking, cloud, and security teams, the Zero Trust Architect will lead the design, deployment, and optimisation of scalable security solutions across users, devices, applications, and data environments.
The Role
The successful individual will be responsible for designing and implementing enterprise-scale Zero Trust security architectures aligned with modern cyber security standards and frameworks including NIST 800-207, SASE, and SSE principles.
This position combines strategic architecture, hands-on engineering, technical leadership, and operational optimisation, offering exposure to cutting-edge cloud security technologies and enterprise transformation initiatives.
Key Responsibilities
Architecture & Security Design
- Lead the design and implementation of enterprise Zero Trust architectures across networks, endpoints, applications, and user environments.
- Develop scalable security blueprints and reference architectures aligned with industry best practices and Zero Trust principles.
- Design secure access models using technologies such as SSO, MFA, least-privilege access, and device posture validation.
- Define and implement cloud-based secure access strategies using leading Zero Trust and SASE platforms.
- Partner with networking and infrastructure teams to modernise WAN, remote access, and cloud security capabilities.
Implementation & Engineering
- Deploy, configure, and optimise Zero Trust technologies across enterprise environments.
- Implement and fine-tune security policies including:
  - URL filtering
  - Data Loss Prevention (DLP)
  - Cloud Access Security Broker (CASB)
  - Firewall-as-a-Service (FWaaS)
- Manage application segmentation, secure connector deployment, and client connector rollouts.
- Integrate Zero Trust platforms with identity providers, endpoint security tools, and SIEM/SOAR environments.
- Support the migration of legacy VPN, firewall, and proxy solutions toward cloud-native security architectures.
- Conduct proof-of-concept exercises, technical evaluations, and architecture validation sessions.
Security Strategy & Leadership
- Drive the organisation’s Zero Trust roadmap and long-term cyber security strategy.
- Provide governance and architectural oversight across transformation and security programmes.
- Conduct threat modelling, risk assessments, and security gap analysis for critical business services.
- Promote secure-by-design methodologies and modern security frameworks across the organisation.
- Mentor and support internal cyber security and networking teams through technical guidance and knowledge sharing.
Operations & Optimisation
- Troubleshoot deployment challenges, identity-related access issues, and platform performance concerns.
- Monitor telemetry, analytics, and operational metrics to continuously improve security performance.
- Optimise platform configurations and security controls to ensure resilience, scalability, and user experience.
The ideal candidate will possess strong expertise in Zero Trust Architecture, Cloud Security, Identity & Access Management, and Enterprise Cyber Security Engineering.
Key requirements include:
- 5–10+ years of experience in cyber security architecture or senior security engineering roles.
- Hands-on expertise with:
  - Zscaler ZIA, ZPA, and ZDX
  - Zscaler Client Connector
  - App Connectors
  - Cloud Firewall technologies
  - Cloud Sandbox solutions
  - DLP and CASB platforms
- Strong understanding of:
  - Zero Trust frameworks
  - SASE and SSE architectures
  - Identity and Access Management solutions including Entra ID (Azure AD), Okta, and Ping Identity
  - Modern networking concepts including SD-WAN, DNS security, and routing fundamentals
  - Endpoint security technologies including EDR/XDR and device posture assessment
- Experience integrating enterprise security platforms across cloud, network, and endpoint ecosystems.
- Strong stakeholder engagement and communication skills with the ability to influence both technical and business audiences.
- Proven experience delivering enterprise-scale cyber security transformation initiatives.
…
