Security Architect

Role

As a Security Architect at NTT you will design and deliver secure, scalable, and compliant architectures for clients with a primary focus on Google Cloud Platform (GCP) and emerging agentic AI systems. You will define secure architectural patterns, harden AI/LLM integrations, perform risk and threat assessments, and provide technical leadership to clients and delivery teams.

Key Responsibilities

• Translate business, data protection and security requirements into practical architectural designs using industry frameworks (NIST, ISO 27001, CIS).
• Design and maintain cloud-native security architectures focused on GCP, including IAM, VPC Service Controls, Cloud Armor, Confidential Computing, and secure workload segmentation.
• Shape security controls for agent-based AI systems and LLM integrations, covering model security, prompt security, API and orchestration security, and data security for vector stores/embeddings.
• Conduct AI-specific threat modelling (model extraction, poisoning, hallucination risks, sensitive data leakage, jailbreak/toxicity risks).
• Perform cloud and AI security assessments: cloud configuration reviews, GCP security posture assessments, and AI pipeline hardening.
• Support incident response for cloud and AI-driven incidents and provide mitigation strategies.
• Develop cloud and AI security policies, standards and governance aligned to ISO 27001, NIST, NIS2, DORA and other regulatory frameworks.
• Provide client-facing guidance, mentor teams, and participate in presales and delivery collateral.

Requirements

• Security-first mindset; role focused on security architecture rather than general cloud architecture.
• Minimum 5+ years of experience in information security, cloud security and architecture roles.
• Strong knowledge of security governance, risk and compliance frameworks (ISO 27001, NIST CSF/800-53, NIS2, DORA).
• Deep hands-on experience with Google Cloud Platform security services and cloud-native GCP architecture design.
• Experience architecting secure multi-project setups, identity boundaries, and secure workload segmentation.
• Experience designing security for agent-based AI systems and LLM-integrated applications, including prompt security and model governance.
• Cloud security experience across AWS, Azure and GCP and secure designs for IAM, Zero Trust, network segmentation, data protection/encryption, application/API security.
• Knowledge of SIEM, IAM solutions, CASB, and container/Kubernetes security.
• Experience in vibe coding and familiarity with technologies similar to Openclaw and Ollama.
• Strong communication skills, ability to work with senior stakeholders and mentor teams.
• Eligible to obtain UK SC clearance and right to work in the UK.

Certifications

• One or more required: CISA, CRISC, CISM, CISSP.

Technologies & Standards

• GCP (IAM, VPC Service Controls, Cloud Armor, Confidential Computing), AWS, Azure, SIEM, CASB, Kubernetes, vector stores and embeddings, LLM/agentic AI architectures, orchestration frameworks.
• Standards and frameworks: NIST, ISO 27001, CIS, NIST 800-53/CSF, NIS2, DORA.

Location & Clearance

• Role requires right to work in the UK and eligibility to obtain UK SC clearance. Remote/working flexibility is mentioned but the role implies UK-based employment and security clearance requirements.

Benefits (summary)

• Flexible work options, tailored physical/emotional/financial wellbeing benefits, learning and development and career growth opportunities. Employer promotes equity, diversity and inclusion and has adjustments for candidates with disabilities.