Job Specifications
Please note that the role requires frequent travel to Nottingham.
Are you ready to shape the future of security in a cutting-edge, multi-cloud environment? We’re looking for a Principal Security Architect to define and lead the end-to-end security architecture for a complex technology stack centered on Salesforce Clouds (Commerce, Marketing, Data), Amplience CMS, MuleSoft, and integrations with on-prem and legacy systems.
This is your opportunity to become the security authority for a global enterprise, setting the guardrails that balance regulatory compliance (GDPR, HIPAA, PCI DSS) with delivery velocity. You’ll partner with enterprise architects, platform teams, and product engineering to embed secure-by-design practices from discovery through run.
What You’ll Do:
Architect the Future: Define reference security architecture across Salesforce, Amplience CMS, MuleSoft, and legacy systems. Create patterns for zero-trust, API security, and data protection.
Own Identity & Access: Design enterprise IAM with IdP integration (SSO/SAML/OIDC), SCIM provisioning, lifecycle controls, and secret management.
Platform Security Leadership: Implement Salesforce Shield, Event Monitoring, Transaction Security Policies, and secure configurations for Marketing Cloud, Data Cloud, Amplience, and MuleSoft.
Champion Privacy & Compliance: Map data flows, define ROPA, and embed privacy-by-design controls aligned to GDPR, HIPAA, and PCI DSS.
Drive DevSecOps Excellence: Integrate SAST/DAST, IaC scanning, SBOM generation, and secure release governance into delivery pipelines.
Monitor & Respond: Build detection use cases, integrate logs into SIEM, and establish DLP and threat modeling frameworks.
Lead & Influence: Chair Security Design Reviews, run threat modeling workshops, and ensure control testing and remediation tracking.
What You Bring:
Experience: Relevant experience in security engineering/architecture, including experience with Salesforce and Marketing Cloud/Data Cloud.
Expertise: Hands-on security design for API-led integration (MuleSoft) and headless CMS (Amplience).
Deep Knowledge: IAM/SSO/OIDC/SAML, OAuth 2.0/JWT, PKI/mTLS, KMS/HSM, Vault, TLS, WAF, DLP, SIEM/SOAR, ZTA.
Compliance Mastery: Proven track record in GDPR and one of HIPAA/PCI DSS, including DPIA/TRA and audit evidence management.
Communication: Strong documentation and stakeholder engagement skills.
Preferred Certifications:
Salesforce: Security & Privacy Accredited Professional, Platform Developer I/II, Architect-level certs.
MuleSoft: Integration Architect, API Designer/Manager.
Security: CISSP, CCSP, CISM, CRISC, ISO 27001 LI, Cloud Security certs.
Privacy: CIPP/E, CIPM.
Why Join Us?
You’ll be at the forefront of securing a global digital ecosystem, influencing strategy, and enabling innovation without compromising trust. If you thrive on complexity and want to make a measurable impact, this is your stage.
Ready to lead? Apply now and help us build security into the DNA of our enterprise.