• Secure by Design Architecture
• cloud service resilience (Azure)
• security governance, threat modelling, design reviews, and assurance

Cloud Security Architect

Overview
M4 Digital are a leading supplier of consulting and delivery services to central government.
To enhance an already existing delivery team we are seeking an experienced SC-cleared Cloud Architect to play a key role in reviewing and delivering recommendations

• cloud service resilience (Azure)
• security governance, threat modelling, design reviews, and accreditation assurance

This is a high-impact role operating in a sensitive, mission-critical environment, working closely with multiple stakeholders of an existing service that will scale significantly over the next 3 years.

Key Responsibilities

Secure by Design Architecture

• Review existing service against HMG Secure by Design Framework
• Identify and document gaps
• Identify, prioritise and document future actions
• Security architecture review including threat modelling
• Develop and maintain reusable security patterns, ensuring alignment with GDS standards
• Identify stakeholders and collaborate across the organisation

Security Assurance & Risk Management

• Maintain and manage project security risk registers, escalating risks where appropriate.
• Validate compliance against security policies, standards, and control baselines.
• Review control effectiveness against assurance baselines and external assurance outcomes.
• Contribute to Operational Readiness Reviews and working groups as required.

Cloud Service Resilience

• RTO/RPO review and requirements
• Current cloud service architecture review
• Compare current service architecture with industry and cloud provider MS Azure) best practice
• Document risk and impact of potential scaling of the service
• Prioritise recommendations

Additional Key skills

• Proven documentation and presentation skills

Deliverable

• Paper(s) prioritising high level recommendations