Principal, Cloud Security Architect (Director Level), Global Cyber Security, RBC Brewin Dolphin (Lon

Company: Royal Bank of Canada
Apply for the Principal, Cloud Security Architect (Director Level), Global Cyber Security, RBC Brewin Dolphin (Lon
Location: London
Job Description:

Principal Cloud Security Architect

Overview

The Principal Cloud Security Architect will lead the design, engineering, and delivery of cloud security solutions across RBC’s Azure enterprise environment. This role owns end‑to‑end security architecture and hands‑on implementation, drives enterprise‑scale operationalisation of cloud security capabilities, embeds security into CI/CD pipelines and infrastructure‑as‑code, and partners with Regulatory, Compliance, and Audit functions to ensure controls meet regulatory frameworks and industry standards. The ideal candidate combines deep technical expertise with strategic leadership – comfortable white‑boarding architecture, writing Terraform to implement it, and guiding teams through complex security transformations at scale.

Responsibilities

Strategic Leadership & Architecture

  • Lead efforts to secure Azure cloud platform at RBC Brewin Dolphin, serving as the primary security subject matter expert for Azure‑native services, identity, networking, and data protection controls.
  • Lead, execute, and deliver on Cloud Security strategy and initiatives with measurable outcomes.
  • Build, innovate, and mature Cloud Security Capabilities at RBC Brewin Dolphin.
  • Lead the development of end‑to‑end technical cloud security design and architecture to ensure safe application onboarding to meet sponsor/stakeholder needs, without impacting planned time to market timelines.
  • Conduct threat modelling, security architecture assessments, and cloud service security reviews to ensure alignment with industry best practices and RBC’s risk appetite.

Hands‑On Technical Implementation

  • Architect and drive security strategy for Azure Kubernetes Service (AKS) and OpenShift Container Platform, including cluster hardening, admission control, runtime security, image assurance, network policy, secrets management, and workload identity.
  • Define and implement security controls for Azure infrastructure supporting AI/ML workloads, including compute provisioning, networking, storage, identity, and platform services (Microsoft Foundry/Azure OpenAI Service, Azure Machine Learning).
  • Lead the enterprise deployment and operationalisation of Wiz CNAPP, including CSPM, CWPP, CIEM, DSPM, and container/Kubernetes security capabilities – driving policy‑as‑code, risk prioritisation, and remediation workflows at scale.
  • Embed security into CI/CD pipelines and software supply chain (GitHub Actions, Terraform, Argo CD, Helm) through automated scanning, policy enforcement, IaC security validation, and shift‑left developer tooling.

Automation & Controls Development

  • Lead and build preventative and detective controls/measures according to RBC Brewin Dolphin’s cloud control objectives while using modern automation, config‑as‑code, and TDD principles to bring reliability.
  • Lead and build automated reporting and monitoring solutions to provide feedback to developers and help them shift left and recognise security gaps early.
  • Experience in hardening and safeguarding cloud services and preventing config drift with native or third‑party tools (CSPM, IaC, linter).
  • Architect, engineer, and deploy cloud security solutions end‑to‑end, owning the full lifecycle from design through implementation, testing, and production delivery.

Collaboration & Governance

  • Partner with Regulatory, Compliance, and Audit teams to ensure cloud security controls satisfy industry standards, SOX, PCI‑DSS, and internal risk frameworks – translating regulatory expectations into technical control implementations and evidence automation.
  • Communicate and collaborate with application developers to remediate security vulnerabilities for their applications and/or resources.
  • Work with cloud stakeholders to design, build, and validate Cloud Security controls.
  • Ability to partner effectively with key stakeholders on complex projects with excellent communication, facilitation, and presentation skills.

Qualifications

Must‑have

  • Demonstrable experience in Cyber Security, focusing on cloud security architecture and engineering.
  • Deep hands‑on expertise with Microsoft Azure security (Defender for Cloud, Entra ID, Azure Policy, Network Security Groups, Private Link, Key Vault).
  • Strong knowledge and experience of cloud security frameworks and governance practices with extensive hands‑on experience with Azure cloud platform.
  • Strong experience securing Kubernetes at scale with AKS and/or OpenShift Container Platform – including admission controllers, OPA/Gatekeeper/Kyverno, service‑mesh security, and runtime protection.
  • Hands‑on experience with Wiz CNAPP (or equivalent CNAPP platform) in a large enterprise environment, including policy authoring, risk scoring, and integration with ticketing/remediation workflows.
  • Experience securing CI/CD pipelines and infrastructure‑as‑code (GitHub Actions, Terraform—Sentinel/OPA policy, container image pipelines, artifact signing, and SBOM generation).
  • Demonstrated ability to operate as both a security architect and hands‑on practitioner – willing to roll up sleeves and write IaC, policy‑as‑code, automation scripts, or pipeline configurations when needed.
  • Demonstrated experience making architectural decisions based on simplicity, industry frameworks, scalability, and reusability.
  • Ability to partner effectively with key stakeholders on complex programs with excellent communication, facilitation, and presentation skills.

Nice‑to‑have

  • Experience securing Azure infrastructure for AI/ML workloads (GPU‑enabled VMs/node pools, high‑bandwidth networking, large‑scale storage, and managed AI platform services from a compute, network, and identity perspective).
  • Recognisable security‑related industry certifications (CISSP, CCSP, CCSK, OSCP).
  • Azure security certifications (SC‑500, SC‑100).
  • Kubernetes certifications (CKA, CKS) or Wiz certifications.

Benefits

  • A comprehensive Total Rewards Program including bonuses, flexible benefits and competitive compensation.
  • Leaders who support your development through coaching and managing opportunities.
  • Opportunities to work with the best in the field.
  • Ability to make a difference and lasting impact.
  • Work in a dynamic, collaborative, progressive, and high‑performing team.
  • A world‑class training program in financial services.

#J-18808-Ljbffr…

Posted: June 2nd, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire