Working hours: 35 hours per week, Monday to Friday

Duration: Permanent

Location: Gloucester

Job Ref: 204688

About the role

Benefact Group are looking for a Cyber Security Architect to join our Gloucester office.

The Role helps shape and safeguard the Group’s technology landscape by designing robust, scalable and compliant security architectures aligned to regulatory and industry standards.  The role provides strategic guidance on emerging threats, ensures security is embedded into digital transformation initiatives and drives the adoption of best‑practice controls across systems and services.  It acts as a trusted advisor to technical and business stakeholders across the whole Group, enabling secure innovation without compromising operational resilience.

Why join us?

Join a collaborative and inclusive culture that’s committed to making a difference and building a more sustainable future. Ranked amongst the UK's 15 Best Big Companies to Work For in 2025, we offer fantastic career and development opportunities within a rapidly growing, innovative Group — where all profits go to charity and good causes.

What you'll be doing

• Enterprise Security Architecture Leadership: Drive the development, maintenance and governance of the organisation’s security architecture, standards and reference models, ensuring alignment with business strategy, technology roadmaps and regulatory frameworks.

• Secure Design, Assurance & Risk Management: Lead threat modelling, risk assessments and architectural reviews; embed secure‑by‑design principles; and ensure solution designs comply with security guardrails, industry best practice and relevant legislation. 

• Collaboration & Stakeholder Engagement: Partner with engineering, product, infrastructure and governance teams to guide secure implementation, provide clear security recommendations and foster a strong security culture across the organisation. 

• Technology Evaluation & Supply Chain Security: Assess emerging technologies and tools, advise on long‑term suitability, and oversee third‑party and supply‑chain security considerations, including vendor assessments and procurement support.

• Incident Response & Continuous Improvement: Contribute architectural insight during incidents, support root‑cause analysis, shape long‑term remediation, and maintain high‑quality documentation with clear traceability between risks, controls and design decisions.

What you'll need to have

• Deep understanding of security architecture principles, secure by design practices and defence in depth approaches

• Strong knowledge of UK regulatory and compliance frameworks such as GDPR, NIS2, NCSC guidance, ISO 27001 and NIST CSF

• Proven experience designing secure solutions across cloud, infrastructure and application domains

• Expertise in threat modelling, risk assessment and reviewing technical designs for security weaknesses

• Strong understanding of cloud security architectures (Azure, AWS and GCP)

• Ability to translate security requirements into practical, implementable design patterns and controls

• Skilled in stakeholder engagement and influencing across engineering, product and leadership teams

• Hands on familiarity with modern security tooling (eg SIEM, EDR, IAM, vulnerability management)

• Experience contributing to incident response and long-term remediation planning

What we offer

• A competitive salary - let's discuss it

• Hybrid working

• Group Personal Pension - up to 12% employer contribution

• Generous annual bonus scheme: on-target bonus between 7.5% and 30%

• 28 days annual leave plus bank holidays, and a holiday buy and sell scheme

• An array of health and wellbeing benefits, including private healthcare, income protection and life assurance

• £200 annual personal grant to a charity of your choice

• Encouraged to take at least one volunteering day per year

• Employee Assistance Programme

• Full study support to gain professional qualifications

• Access to virtual GP

• Enhanced maternity and paternity pay

Hear from the hiring manager

"This is a key role in our Group Cyber Security Team and, as a senior member of that team, you will have the opportunity to directly inform and develop how sound security is delivered across the Group.  This is an exciting opportunity to develop your career by joining a dynamic and developing function, working for a great company."

About us

Benefact Group is a unique international financial services Group made up of over 30 businesses. We are owned by a charity and have been the 3rd largest UK corporate donor over a decade*, having given away £250 million since 2014. We have ambitious plans to become the UK’s number one corporate donor, with strategic objectives in place to double the Group’s size.

We believe it’s essential to attract, empower, grow and reward talented people, offering fantastic opportunities for career and personal development. Our giving ethos, 135-year history and the diversity of what we do, has enabled us to build a culture of kindness, great ambition, and of passionate people driven to do better and be better. 

At Benefact Group, we are committed to creating an inclusive culture and building an environment where each and every one of us feels valued and respected. We are a community made up of people with a range of different backgrounds, abilities, perspectives, beliefs and interests and we value the strength this brings to us as a Group. We welcome applications from everyone.

If you need any additional support during the recruitment process, then please let us know.

*Directory of Social Change’s UK Guides to Company Giving 2017-26