Principal, Cloud Security Architect (Director Level), Global Cyber Security, RBC Brewin Dolphin (London)

Job Description

What is the opportunity?

The Principal Cloud Security Architect will lead the design, engineering, and delivery of cloud security solutions across RBC's Azure enterprise environment.

This role owns end\-to\-end security architecture and hands\-on implementation, drives enterprise\-scale operationalisation of cloud security capabilities, embeds security into CI/CD pipelines and infrastructure\-as\-code, and partners with Regulatory, Compliance, and Audit functions to ensure controls meet regulatory frameworks and industry standards.

The ideal candidate combines deep technical expertise with strategic leadership—equally comfortable whiteboarding architecture, writing the Terraform to implement it, and guiding teams through complex security transformations at scale.

Should you be shortlisted, do please let us know if you have any specific requirements for the interview.

*This is a permanent, full\-time role and requires 4 days at our 10 Fenchurch Avenue, London office*

What will you do?

Strategic Leadership \& Architecture

• Lead efforts to secure Azure cloud platform at RBC Brewin Dolphin, serving as the primary security subject matter expert for Azure\-native services, identity, networking, and data protection controls.


• Lead, execute, and deliver on Cloud Security strategy and initiatives with measurable outcomes


• Build, innovate, and mature Cloud Security Capabilities at RBC Brewin Dolphin.


• Lead the development of end\-to\-end technical cloud security design and architecture to ensure safe application on\-boarding to meet sponsor/stakeholder needs, without impacting planned time to market timelines.


• Conduct threat modeling, security architecture assessments, and cloud service security reviews to ensure alignment with industry best practices and RBC's risk appetite.

• Architect and drive security strategy for Azure Kubernetes Service (AKS) and OpenShift Container Platform, including cluster hardening, admission control, runtime security, image assurance, network policy, secrets management, and workload identity.


• Define and implement security controls for Azure infrastructure supporting AI/ML workloads, including compute provisioning, networking, storage, identity, and platform services (Microsoft Foundry/Azure OpenAI Service, Azure Machine Learning).


• Lead the enterprise deployment and operationalisation of Wiz CNAPP, including CSPM, CWPP, CIEM, DSPM, and container/Kubernetes security capabilities—driving policy\-as\-code, risk prioritisation, and remediation workflows at scale.


• Embed security into CI/CD pipelines and software supply chain (GitHub Actions, Terraform, ArgoCD, Helm) through automated scanning, policy enforcement, IaC security validation, and shift\-left developer tooling.

• Lead and build preventative and detective controls/measures according to RBC Brewin Dolphin's cloud control objectives while using modern automation, config as code, and TDD principles to bring reliability.


• Lead and build automated reporting and monitoring solutions to provide feedback to developers and help them shift left and recognise security gaps early.


• Experience in hardening and safeguarding cloud services and preventing config drift with native or third\-party tools (CSPM, IaaC, linter).


• Architect, engineer, and deploy cloud security solutions end\-to\-end—owning the full lifecycle from design through implementation, testing, and production delivery.

• Partner with Regulatory, Compliance, and Audit teams to ensure cloud security controls satisfy industry standards, SOX, PCI\-DSS, and internal risk frameworks—translating regulatory expectations into technical control implementations and evidence automation.


• Communicate and collaborate with application developers to remediate security vulnerabilities for their applications and/or resources.


• Work with cloud stakeholders to design, build, and validate Cloud Security controls.


• Ability to partner effectively with key stakeholders on complex projects with excellent communication, facilitation, and presentation skills.

Must\-have

• Demonstrable experience in Cyber Security, with a focus on cloud security architecture and engineering.


• Deep hands\-on expertise with Microsoft Azure security (Defender for Cloud, Entra ID, Azure Policy, Network Security Groups, Private Link, Key Vault).


• Strong knowledge and experience of cloud security frameworks and governance practices with extensive hands\-on experience with Azure cloud platform.


• Strong experience securing Kubernetes at scale with AKS and/or OpenShift Container Platform—including admission controllers, OPA/Gatekeeper/Kyverno, service mesh security, and runtime protection.


• Hands\-on experience with Wiz CNAPP (or equivalent CNAPP platform) in a large enterprise environment, including policy authoring, risk scoring, and integration with ticketing/remediation workflows.


• Experience securing CI/CD pipelines and infrastructure\-as\-code—GitHub Actions, Terraform (including Sentinel/OPA policy), container image pipelines, artifact signing, and SBOM generation.


• Demonstrated ability to operate as both a security architect and hands\-on practitioner—willing to roll up sleeves and write IaC, policy\-as\-code, automation scripts, or pipeline configurations when needed.


• Demonstrated experience making architectural decisions based on simplicity, industry frameworks, scalability, and reusability.


• Ability to partner effectively with key stakeholders on complex programs with excellent communication, facilitation, and presentation skills.

• Experience securing Azure infrastructure for AI/ML workloads—GPU\-enabled VMs/node pools, high\-bandwidth networking, large\-scale storage, and managed AI platform services from a compute, network, and identity perspective.


• Recognisable security\-related industry certifications (CISSP, CCSP, CCSK, OSCP).


• Azure security certifications (SC\-500, SC\-100\).


• Kubernetes certifications (CKA, CKS) or Wiz certifications.

We thrive on the challenge to be our best \- progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

• A comprehensive Total Rewards Program including bonuses, flexible benefits and competitive compensation


• Leaders who support your development through coaching and managing opportunities


• Opportunities to work with the best in the field


• Ability to make a difference and lasting impact


• Work in a dynamic, collaborative, progressive, and high\-performing team


• A world\-class training program in financial services.

*RBC Group does not accept agency resumés. Please do not forward resumés to our employees, nor any other company location. RBC Group only* *pay fees to agencies where they have entered into a prior agreement to do so and in any event do not pay* *fees related to unsolicited resumés. Please contact the Recruitment function for additio**nal* *details.*

Job Skills

Architectural Modeling, Azure Kubernetes Service (AKS), Cloud Security Architecture, Cybersecurity, Cyber Security Management, Decision Making, Enterprise IT Architecture, GitHub Actions, Information Security Management, Information Technology Security, Infrastructure As Code (IaC), IT Security Architecture, Kubernetes, Microsoft Azure Security, Multi\-Level Communication, Security Architecture DesignAdditional Job Details

Address:

10 FENCHURCH AVENUE:LONDONCity:

LondonCountry:

United KingdomWork hours/week:

35Employment Type:

Full timePlatform:

TECHNOLOGY AND OPERATIONSJob Type:

RegularPay Type:

SalariedPosted Date:

2026\-05\-28Application Deadline:

2026\-06\-11Note: *Applications will be accepted until 11:59 PM on the day prior to the application deadline date above*

Our Employment Opportunities

At RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community

Stay in\-the\-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well\-being of our clients and communities at jobs.rbc.com.

RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.

This listing is from indeed. View original listing ↗