Cyber Security Architect - Outside IR35 - Remote - Up to £650pd

Skills

Job Specifications

We are seeking an experienced Cyber Security Architect to lead a critical transformation of edge security and access control environment. You will be responsible for the end-to-end migration from Symantec WSS to Cloudflare One, establishing a robust Zero Trust Architecture.
The primary focus is to replace a llegacy web proxying with Cloudflare Secure Web Gateway (SWG) and deploy Zero Trust Network Access (ZTNA) to secure a managed and unmanaged device landscape. This is a hands-on architectural role requiring design, policy development, deployment, and documentation.
Key Responsibilities
Architectural Ratification: Review and improve the initial Cloudflare setup to ensure it meets enterprise-grade security standards.
Migration & Policy Design: Lead the migration of existing Symantec WSS policies to Cloudflare SWG. Develop sophisticated Zero Trust policies for staff web browsing and application access.
Cloudflare One Deployment: Configure and deploy Cloudflare ZTNA and SWG from the ground up, ensuring seamless integration with EntraID.
Device Posture & Compliance: Implement posture checking via the WARP client to ensure only compliant, patched managed devices can access sensitive data.
Unmanaged Device Strategy: Configure Secure Browser (Browser Isolation) for guest access to provide restricted, secure environments for non-managed devices.
Application Onboarding: Successfully onboard a diverse SaaS and dev environment, including M365, Azure, Adobe, Netlify, Sage, Miro, Jira, and GitHub via SSO.
Stakeholder Collaboration: Partner with Identity teams and the Managed Service Provider (MSP) to manage the delicate rollout of the WARP client (ensuring the removal of Symantec WSS to avoid client conflicts).
Testing & Documentation: Execute rigorous UAT with test groups to prove policy efficacy and provide comprehensive "as-built" documentation for handover to operations.
Technical Skills & Experience
Cloudflare Mastery: Deep, hands-on experience with Cloudflare One, specifically Zero Trust Network Access (ZTNA) and Secure Web Gateway (SWG).
Zero Trust Expertise: Proven track record of designing and implementing Zero Trust frameworks (Identity-based access, Least Privilege, Continuous Verification).
Identity Integration: Strong experience integrating Zero Trust solutions with EntraID (Azure AD).
Endpoint Security: Experience deploying and troubleshooting the Cloudflare WARP client and implementing device posture profiles.
Legacy Migration: Experience migrating from traditional web proxies (specifically Symantec/Broadcom WSS) to modern SASE platforms.
Desirable
Experience with Remote Browser Isolation (RBI) for guest/contractor access.
Broad understanding of securing DevOps environments (GitHub, Netlify, etc.).
Relevant certifications (eg, CISSP, CCSP, or Cloudflare certifications).

About the Company

We are an independent software and technology consultancy who pride ourselves on our ability to deliver complex technology solutions for our clients. We focus on understanding our client's business and work with them to deliver change that makes their business more effective. Our multidisciplinary teams are made up of delivery experts, technology and software experts and user experience experts who have the drive, talent and creativity to take strategies from inception all the way through to business adoption. We provide th... Know more

Related Jobs

Company Name

Digital Waffle

Job Title

Cyber Security Engineer

Guildford, United kingdom

Hybrid

Full Time

18-02-2026

Company Name

Hays

Job Title

Security Architect

London, United kingdom

Hybrid

Freelance

16-02-2026

Company Name

Ubique Systems

Job Title

OT Security Architect - Having Mandatory exp in Azure Sentinel, Splunk,Cloud Security,Guard Duty,

Coventry, United kingdom

On site

Freelance

19-01-2026

Company Name

Galaxi Consulting Group

Job Title

Security Architect

Coventry, United kingdom

Hybrid

Freelance

16-01-2026