Security Architect
Date: 8 Jul 2026
Location: London, GB, EC3M 7AF
Company: Walkers Global

We are a leading international law firm for global corporations, financial institutions, capital market participants and investment fund managers. With a global presence spanning the Americas, Europe, the Middle East and Asia, we advise on the laws of Bermuda, the British Virgin Islands, the Cayman Islands, Guernsey, Ireland and Jersey.
We treat everyone as the intelligent professional they are. Our approach is to trust and empower our people to deliver consistently, and enable them to succeed. Diversity is our secret weapon – it’s the sheer breadth of Walkers people that makes us who we are – gathered from across the globe and fluent in languages, jurisdictions and cultures that help us to mirror our clients and keep our own thinking in tune with the world in which we operate.
Overview of role
Office: London (40% office attendance required)
The Security Architect is responsible for owning the technology security strategy as a member of the Strategy & Architecture team within the firms IT department. The Security Architect will work closely with wider teams across the firm, especially the Information Security and Inhouse Legal teams to define, design and uphold technical security standards, patterns and solutions that meet industry best practices and client requirements.
The role holder will be the recognised technical authority on Cyber Security, bringing deep expertise across traditional on-premises, cloud and hybrid security best practices and appropriate policies which includes modern Zero Trust and SASE Frameworks. They will be expected to advise and guide on all areas of the business on the secure deployment of technology, data residency, encryption, identity and access control and ensuring all new designs, products and solutions have taken adequate security considerations applied before adoption.
The role will also work closely with the Information Security, Risk and Compliance teams to ensure the architectural decisions align with relevant industry frameworks such as ISO 27001, NIST, CIS and applicable regulations including GDPR and NIS2. They will also be expected to take a leading role in defining the firm's approach to AI Security – establishing governance, risk, and architectural standards for the safe and secure adoption of AI and machine learning technologies across the organisation. They will also be expected to contribute towards maturing the Data Security and provide steer and guidance on data classification, categorisation and encryption. They will act as a trusted advisor to the CTO, CISO, IT Leadership and senior business stakeholders on all matters of enterprise security strategy and risk posture.
The Security Architect will be expected to work closely with the firms Inhouse Legal function and Information Security Governance, Risk and Compliance function to ensure that the firms client expectations in how we use, manage and store their data is fully understood. The role will be expected to contribute to client and ISO audit activities and respond to relevant client enquiries.
The Security Architect will be expected to help identify and manage technology solutions providers across the firm's portfolio of infrastructure, applications and cloud. This will include evaluating, recommending and championing security solutions and best practises and overseeing the transition of new security technologies into mainstream IT support. The Architect will produce and maintain enterprise architecture artefacts including high-level designs, security patterns, principles, and standards.
Duties, Responsibilities & Person Specification
- Own the enterprise security architecture vision, strategy and roadmaps from a corporate business, technology and data perspective – encompassing on-premises cloud, hybrid and network security domains including Zero Trust and SASE frameworks.
- Provide advice to the other Architects, the CTO, the CISO and the rest of the IT Leadership team on enterprise security across all domains, acting as the recognised technical authority and go-to expert for all matters relating to technical security.
- Define and own the firm's AI security architecture standards and governance framework – assessing the security risks associated with AI and machine learning adoption, including data privacy, model integrity, prompt injection, and supply chain risks – ensuring the firm can harness the AI technology safely and responsibly.
- Complement the Information Security Team and the Risk and Compliance Team, supporting alignment of architectural decisions with relevant industry frameworks such as ISO 27001, NST, CIS and regulations such as GDPR and NIS2.
- Fully understand the requirements placed on us by clients and their own regulators, respond to appropriate information requests and ensure requirements are factored into designs.
- Create and maintain architectural documentation as artefacts that relate to Security, architectural designs, patterns, principles, standards and technology selection, ensuring these remain current and fit for purpose.
- Create and own the firm’s standard non-functional requirements for all solutions in the technology security arena, ensuring security considerations are embedded at the design stage across all new products, platforms, and services.
- Work with IT suppliers, vendors and specialty third parties to ensure security is the primary consideration when developing a strategy for the firm.
- Use experience and knowledge to help the firm's adoption of public cloud ensuring that security is fully considered when delivering against target architectures vision, including data residency, encryptions and access control requirements.
- Continual research on security products, services, protocols, best practices and standards to remain abreast of developments in the information security industry and ensure the firm's security posture evolves accordingly.
- Advise and architect designs to ensure smooth deployment and secure operation for fulfilling business objectives and processes across the firm's technology estate.
- Contribute to any Design Authorities and the firm's Architecture Review Board process
- Provide both specialist and general architectural best practice to other staff within IT globally.
Education, Skills & Experience
- University degree in Computer Science or other relevant discipline or relevant IT experience
- Certifications - CISSP, Ideally CISM and SABSA.
- ToGAF 9 or higher certified.
- Proven experience working as a Security Architect within a Law Firm or Inhouse Legal Function.
- Proven experience in architectural roles selecting, designing and overseeing the deployment of complex solutions across on premise, cloud and hybrid environments at enterprise scale.
- Architectural experience of product lifecycle delivery, owning the security design from strategy and roadmap through to execution.
- A background of broad technical experience gained through exposure to various technology domains, design patterns, security architecture frameworks and diverse business sectors
- Understanding of AI security risks including adversarial attacks, model poisoning, data leakage, and prompt injection – with the ability to define architectural controls and standards that govern the firms secure use of AI technologies.
- Experience with working with security-based technology such as but not limited to IDAM, Firewalls, NAC, Segmentation and penetration testing in a global organization.
- Hands on experience with network and Zero Trust security technologies including ZTNA, CASB, IDAM, Firewalls, NAC and network segmentation.
- Practical experience designing and implementing Zero Trust and SASE frameworks, including vendor evaluation and adoption of platforms such as Palo Alto Prisma, Zscaler or equivalent.
- Hands on and design experience of Azure networking including VNET’s, VNET Peering and VNET Gateways along with integration of Azure PaaS services such as APIM, Azure AI foundry and Logic Apps.
- Strong understanding of encryption technologies including BYOK – with experience of hardware security Module (HSM) solutions such as Thales HSM.
- Experience in selecting and defining the use of security testing/monitoring tools and procedures for a range of scenarios including Data Loss Preventions (DLP), ransomware and threat detection.
- Good understanding of the organisation’s business goals and objectives.
- Solid understanding of GRC Frameworks including ISO 27001 and NIST with the ability to translate risk and compliance requirements into practical architectural controls and standards.
- Knowledge of applicable data privacy practices and laws with particular emphasis on GDPR and Data Residency requirements and NIS2 obligations.
Additional Requirements
- Ability and willingness to occasionally work outside normal working hours/days when requested.
- Decisive and confident in one’s own ability and recommendations
- An understanding that occasional international business travel may be necessary
- Decisive and confident in one's own judgement and recommendations and the ability to present and architectural positions to senior stakeholders.
- Strong written, oral and presentation communication skills.
- Excellent inter-personal skills and ability to present ideas and proposals in user-friendly language
- A passion for information security technologies and best practices, continually staying up to date and evaluating where new technology or practices can add protection to the business.
- Highly self-motivated and directed, with keen attention to detail.
- Trusted advisor with the ability to step in and help support teams in advice and consultancy when necessary.
- Able to effectively prioritize tasks in a high-pressure environment.
- Experience working in a geographically dispersed team-oriented, collaborative environment.
#LI-LQ1
#LI-Hybrid
Walkers global is an equal opportunity employer. Equality and diversity are key to our global identity and an integral part of our goal to continue being an employer of choice. We are committed to a work environment that supports all individuals irrespective of gender, ethnicity, nationality, race, religion, marital status, age, disability, pregnancy, sexual orientation, gender identity or any other applicable legally protected characteristics. We make every effort to ensure that employment opportunities are open and accessible to all purely on the basis of personal ability.
