About the role
As a Security Architect, you will work across our Architecture, Engineering, Infrastructure, and InfoSec teams to design and guide the delivery of secure solutions. Solutions will include the build-out of strategic security services as well as embedding our security architecture into functional platforms and products. In order to achieve this, you will need to be a technical expert who is able to convey complex approaches with impactful simplicity. You will also need to establish credibility and trust across technical Engineering teams as well as leadership.
Whilst many of our solutions are cloud-native, we need to design in proportionate controls wherever and however a solution is deployed, in order to protect our solutions and data from modern threats and manage our risk position. You’ll partner with other teams, acting as an integrated team member and able to meet them ‘where they are.’
At a glance
- Flexible Working: This is a hybrid working role, therefore your time will primarily be split between working from home (in the UK) and London Head Office. However, there will also be an expectation to visit other locations as the need arises. Our Architecture team currently works from the office roughly once or twice a week to connect and on a more ad-hoc basis to attend key meetings, but again the frequency is dependent on the business needs.
- Expected Salary: £59,500 - £90,000 (depending upon experience).
- Contract type: Permanent
Key Responsibilities
- You will design security solutions for compelling services across our cloud platforms and traditional hosting environments.
- You are responsible for designing end-to-end security solutions, blueprints, and patterns that are effective, efficient, repeatable, and sustainable.
- You must ensure security architecture best practice is brought to bear during solution design activities undertaken by delivery teams and third parties.
- You’ll advise and consult on the commercial and contractual implications of existing or new obligations.
- You will consult on contractual terms of technologies and business services being procured or used within your domain.
- You will help ensure JLP delivers on its strategic aims and enables the Partnership to adapt and grow in a competitive market.
- You should leverage insight and internal/external networks to keep abreast of key customer requirements and technological advancements.
- You will design and maintain an accurate logical overview of the entire system throughout the product lifecycle and delivery.
- You must invest in your personal and professional development by utilising the opportunities available to you through your Profession.
Note: This role is advertised as Security Architect; internally, it is known as Solution Architect (PL6).
Essential skills / experience you’ll need
- Extensive experience in holistic security design against a zero-trust architecture across cloud and traditional deployment models.
- Proven experience in facilitating threat modeling workshops.
- Experience in product evaluation and selection processes.
- You maintain a strong understanding of DevSecOps and SecOps frameworks along with the current tooling landscape.
- Proficient with security frameworks such as the NIST Cybersecurity Framework and CSA Critical Controls Matrix.
- Experience with cloud security across Google Cloud, Amazon Web Services, and SaaS applications.
- Demonstrate an understanding of attacker tools, techniques, and procedures, alongside pragmatic mitigations.
- Possess knowledge of legal and compliance regulations, specifically the General Data Protection Regulation.
- Experience with product and platform-oriented delivery within both Waterfall and Agile contexts.
- Experience influencing stakeholders at Leadership and Working Group levels on major transformations.
Desirable skills / experience you may have
- Experience designing SOC architectures (i.e. SIEM, SOAR and Exposure management solutions).
- Experience in working within regulated environments, such as PCI-DSS.
- Whilst we prioritise demonstrable business impact, cross-team collaboration and being outcome focused, we also recognise the value of certification. The following certifications would be beneficial in this role:
  - TOGAF and/or SABSA certified
  - (ISC)2 Certified Cloud Security Professional / Certified Information Systems Security Professional / Information Systems Security Architecture Professional
  - Certified Ethical Hacker
  - Google Cloud Generative AI Leader / Professional Cloud Architect / Security Engineer
  - Zscaler Zero Trust Cyber Associate / Digital Transformation Administrator
  - Cloud Security Alliance Trusted AI Safety Expert / Certificate of Competence in Zero Trust.
Additional information
- The application form consists of a CV upload, followed by application questions. Please visit https://www.jlpjobs.com/how-to-apply/journey/ to understand more about the application and hiring process.
- Successful applicants will undergo a screening call with a recruiter, followed by two rounds of interviews.
- You'll be asked about any adjustments you might need to support the recruitment process. Please let us know, and we'll be sure to discuss it with you.
About The Partnership
We’re the largest employee owned business in the UK and home of our cherished brands, John Lewis and Waitrose. We’re not just employees, we’re Partners, driven by our purpose to build a happier world. As we look to our future, there’s never been a more exciting time to join us.
We’re ruthlessly focused on being brilliant at retail. We continue to innovate, adapt and diversify. Never Knowingly Undersold on price, quality and service in John Lewis and passionately serving food-lovers in Waitrose.
As Partners we all share the responsibility of ownership and in its rewards. We use our voices to contribute to our success, working together through the good and challenging times, holding true to our behaviours and treating everyone with kindness and respect.
We all own making the Partnership somewhere we belong. Embracing our differences and creating an environment where we’re free to be ourselves and can THRIVE. Growing ourselves individually, and as a collective.
As Partners, we make all the difference. And, we all own it.
Important points to note:
It’s important to note that some of our roles are subject to pre-employment vetting (which may include DBS checks for successful candidates). If required, you’ll be informed and provided with information about vetting during the recruitment process and we encourage you to complete any vetting documents quickly to avoid delays. Any DBS checks required will be carried out by a third-party registered body and financial probity checks may also be required for some of our roles.
We occasionally close vacancies early in the event we receive a high volume of applications, and therefore, we recommend you apply early. If you require a reasonable adjustment due to a disability which means you may need longer to complete your application please contact us as soon as possible.
We want all of our Partners to have a good work-life balance and we support flexible working. This might mean flexible or compressed hours, job sharing or shorter hour contracts, where possible. Please discuss this further with the hiring manager during your interview.