Enterprise Architect - Security

Due to continued growth, we are currently hiring a Senior Security Architect to join our team. emagine is a dynamic, fast-growing international consulting and technology company, founded on real-world experience and focused on custom-fit solutions. We bring proven people and deep expertise to deliver complex programmes while ensuring meaningful knowledge transfer for our clients.

This engagement supports the development of a public-facing web application for a government client. Historically, the client’s platforms have been internal-only and highly restricted. This application represents a shift to an externally accessible service, introducing a heightened risk profile and the need for stronger architectural assurance, modern security controls, and cloud best practices.

The application is already in development, with an existing architect focused on application delivery. This role provides additional senior architectural capacity, with a strong focus on security-led review, challenge, and direction, rather than hands-on feature delivery.

The initial focus is an MVP, with support required immediately. There is strong potential for the engagement to extend beyond the MVP, subject to value delivered and additional streams of work.

The Role

As Senior Security Architect, you will act as a trusted advisor, providing architectural assurance and security leadership across a public-facing cloud platform. You will review current assumptions, identify gaps, and recommend pragmatic, best-practice solutions that balance security, delivery pace, and operational sustainability.

This role suits a technically strong architect with a hands-on engineering background who is comfortable challenging decisions, presenting options, and shaping direction at both technical and leadership levels.

Key Responsibilities

A snapshot of your key responsibilities includes:

• Advise on secure architecture for a public-facing web application, aligned with modern best practices and Zero Trust principles
• Review and provide detailed feedback on Azure and AWS cloud architecture, infrastructure design, and configuration
• Assess network design and configuration, including public access patterns, edge security, and associated risk implications
• Review and advise on identity and access management, including internal and external access models
• Review Azure and AWS landing zones, providing recommendations on structure, security, and scalability
• Implement and recommend appropriate guardrails to protect and enable DevOps teams
• Review SaaS integrations and external dependencies from a security and risk perspective
• Review and optimise security tooling and capabilities, including (but not limited to):

– Microsoft Sentinel
– Microsoft Defender
– Cloudflare
– Microsoft Front Door
• Support product and tooling decisions by clearly articulating trade-offs, strengths, and limitations
• Identify gaps in security controls, tooling, monitoring, logging, and governance, with clear remediation actions
• Advise on right-sizing of controls, logging, and telemetry, including data retention and cost implications
• Review monitoring and alerting configurations to maximise coverage while minimising operational noise
• Contribute to the definition of the target-state architecture and future operating and support model across a multi-party environment
• Provide authoritative guidance—confidently challenging poor decisions and recommending secure alternatives
• Work closely with leadership, DevOps teams, existing architects, and security analysts to uplift overall security capability

Technical Context

• Core platform hosted on Azure App Services
• Public-facing application with anticipated future expansion
• Hybrid internal and external data flows, including on‑prem / legacy integrations
• Containers and cloud-native services in scope (Docker, Kubernetes / AKS)

Requirements

• 10+ years’ experience in information security, with 5+ years in a senior security or cloud architecture role
• Strong hands-on expertise in cloud security, with Azure essential and AWS highly desirable
• Proven experience reviewing and securing public-facing cloud platforms
• Deep understanding of secure cloud architectures across IaaS, PaaS, and SaaS
• Strong working knowledge of cloud networking, edge protection, and identity management
• Practical experience implementing guardrails and enabling secure DevOps practices
• Working knowledge of containers and orchestration platforms (Docker, Kubernetes / AKS)
• Experience advising on and reviewing security tooling such as Sentinel, Defender, Cloudflare, Microsoft Front Door, or equivalent
• Ability to confidently challenge decisions and clearly articulate best‑practice recommendations
• Experience producing architectural artefacts, including architecture diagrams, security patterns, and risk assessments
• Familiarity with security and risk frameworks such as ISO 27001, NIST CSF 2.0, CIS, or equivalent
• Experience working in regulated or public-sector environments is a strong advantage
• Excellent communication and stakeholder engagement skills

Engagement Details

• Opportunity type: Full-time Contract (initial 3 months)
• Location: Dublin (Hybrid – 2 days onsite)
• Start: ASAP

So, are you ready to join our team?

emagine is an Equal Employment Opportunity Employer. We value diversity and are committed to bringing together individuals from varied backgrounds to develop innovative, secure solutions for our customers.