Zero Trust Architect

Sanderson are working with a consulting client who are looking to grow their Zero Trust capability. The client is seeking an Architect to come in and implement and optimise Zero Trust security architectures.

Your responsibilities:

Architecture & Design

• Leading the design and implementation of Zero Trust architectures for enterprise environments, covering users, devices, applications, and data.
• Establishing secure access patterns using cloud-based security and zero-trust platforms
• Creating enterprise-wide security blueprints and reference architectures aligned with Zero Trust principles
• Designing scalable identity-centric security controls using SSO, MFA, device posture, and least-privilege access models.
• Collaborating with networking teams to modernize WAN and remote access using cloud security and SASE frameworks.

Implementation & Hands-On Engineering

• Deploying, configuring, and optimising Zero Trust technologies, including:
• Policy creation and fine-tuning
• Managing App segmentation and connector deployment.
• Zero Trust Client Connector configuration and rollout.
• Integrating Zero Trust solutions with identity providers, SIEM/SOAR systems, and endpoint platforms.
• Collaborating with infrastructure teams to migrate legacy VPN, proxy, and firewall solutions to cloud native Zero Trust models.
• Conducting proof-of-concept evaluations and technical validation sessions.

Security Leadership & Strategy

• Driving the organization's Zero Trust strategy and security roadmap.
• Providing architectural governance and ensuring security best practices across projects.
• Conducting threat modelling, gap assessments, and risk evaluations for critical applications and network paths.
• Advocate for the adoption of modern security frameworks and secure-by-design principles.

Operations & Optimization

• Troubleshooting Zero Trust deployment issues, performance concerns, and identity-related access failures.
• Monitoring and tuning telemetry, logs, and analytics to maintain optimal operational performance.
• Providing technical mentorship and training to internal security and networking teams.

The following skills and experience are essential for this role:

Technical Expertise

• 5-10+ years of experience in cybersecurity architecture or senior engineering roles.
• Strong hands-on expertise with:
  • Zscaler ZIA, ZPA, ZDX or similar
  • Zscaler Client Connector
  • App Connectors, Cloud Firewall, Cloud Sandbox, DLP, CASB
• Deep understanding of:
  • Zero Trust frameworks
  • Identity and access management
  • Modern network design
  • Endpoint security

This role will require you to be willing and eligible to undergo UK security clearance.

If you're interested in the above, apply or reach out to