Cyber Security Architect - Advanced Threat Response

We are seeking an experienced Cyber Security Architect - focusing on Advanced Threat Response (ATR) solution to be a part of the Architecture team, you will design and maintain end-to-end architecture for advanced threat detection and response across cloud, network, and endpoint environments. You will work cross-functionally to deliver scalable, secure, and cost-effective security architecture solutions within a complex enterprise environment. What you'll do: Define requirements, evaluation criteria, and success metrics for automated offensive security testing platforms and red/purple team tooling Lead vendor evaluations, proof of concepts (PoCs), and comparative product assessments Architect integration approaches, workflows, and security telemetry pipelines Produce detailed implementation plans, runbooks, and operational handover artefacts Coordinate tool onboarding, configuration, tuning, and validation Design scalable deployment patterns (including SaaS models, multi-tenancy, credential handling, and high availability architectures) Support purple team exercises and adversary emulation planning, translating red team findings into engineering controls Ensure security, risk, and compliance requirements are embedded throughout tool selection and operation Maintain vendor relationships, roadmap alignment, and manage lifecycle/replacement decisions What you'll bring: Strong background in security engineering, offensive security, or security architecture Hands-on experience evaluating and deploying enterprise security tooling Strong Linux administration skills (system hardening, service management, troubleshooting, network tuning, secure baseline implementation, orchestration) Practical cloud management experience, including CI/CD pipeline design and implementation Proven experience running vendor evaluations and PoCs for enterprise security platforms Strong understanding of offensive techniques mapped to detection capabilities (aligned to MITRE ATT&CK) Experience integrating security tooling outputs into SIEM platforms and broader security workflows Experience with tools such as SafeBreach, BloodHound, Microsoft EASM , or similar technologies is highly desirable Experience working within the Banking and Financial Services industry Relevant cloud certifications, particularly Google Cloud Platform Exposure to ML, AI, and data tooling within GCP environments Ability to work effectively across IT, DevOps, and Compliance teams to implement security controls Experience working in agile or iterative delivery models Right to work in the UK is mandatory for this role Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates