Senior Security & Compliance Architect

Mace combines construction expertise with consultancy to unlock potential in every person or project and redefine the boundaries of ambition. Our values shape the way we consult and define the people we want to join us on our journey.

Mace Consult is accelerating secure digital delivery across our consultancy portfolios with a SaaS‑first strategy. We are seeking a Senior Security and Compliance Architect to lead architecture, assurance, and governance for cloud/SaaS platforms, data flows, and project collaboration environments across our client programmes. You will define and enforce security-by-design and privacy-by-default patterns, manage supply‑chain/SaaS risk, and ensure compliance with UK/EU and global requirements while enabling the business to move fast with confidence. 

This is a hands‑on, cross‑functional role working with security team, solution architects, data team, programme directors, commercial/procurement, legal, and client facing teams to balance risk, value, and speed across a diverse ecosystem (e.g., Microsoft 365 & Azure, Oracle Fusion, project collaboration suites, and industry partner solutions). 

Right to work in the UK essential.

You’ll be responsible for:

• Defining and maintaining SaaS‑first security reference architectures covering identity, data protection, integrations, and monitoring. 
• Working closely with Security team on security-by-design and privacy-by-default across all digital and data initiatives, including client programmes. 
• Establishing and enforcing zero trust baselines for M365, Azure, Oracle Cloud and priority SaaS platforms. 
• Designing and embedding data protection controls, classification schemes, DLP, retention, and encryption standards. 
• Interpreting and implementing global compliance requirements (e.g., UK/EU GDPR, ISO 27001, SOC 2, client security clauses). 
• Supporting SaaS and vendor security due diligence, including design reviews, compliance checks, and risk assessments. 
• Supporting creation of incident response and resilience patterns, including runbooks and backup/DR standards. 
• Collaborating with Legal, Procurement, and programme teams to ensure contractual and governance controls are met. 
• Acting as a trusted advisor to senior stakeholders, leading security architecture reviews, risk decisions, and awareness/training. 

You’ll need to have:

• Experience of working as an end-to-end Solution. Architect within a complex technology transformation.
• Broad understanding of the components that comprise the enterprise application landscape in medium/large enterprise.
• Expert knowledge in architecture principles, patterns, methods and standards.
• Deep understanding of security architecture concepts across application, data, infrastructure and cloud. 
• Deep understanding of Identity and access management.
• Knowledge of global security frameworks and components to deliver highly secure SaaS platforms. 
• Track record of working with large initiatives and multi-year roadmaps.
• Strong knowledge of Risk and Security frameworks such as FAIR and NIST.

Our values

Safety first - Going home safe and well: We champion a safe, diverse and inclusive working environment, understanding the importance of wellbeing in every team.

Client focus - Deliver on our promise: We own the quality of deliverables, strategic outcomes and build long term relationships with our clients.

Integrity - Always do the right thing\: We influence positive outcomes within our industry, while always aligning with our compliance obligations.

Create opportunity - For our people to excel: We champion a continuous improvement culture throughout all activities, inspiring our people and teams to develop.

Mace is an inclusive employer and welcomes interest from a diverse range of candidates. Even if you feel you do not fulfil all the criteria, please apply as you may still be the best candidate for this role or another role within our organisation.

We are also open to discussing part time, flexible, and hybrid working options if suitable with-in the role.

#LI-On-site