Security Solution Designer

We are seeking a Security Solution Designer to lead the end-to-end design of security solutions. You will be responsible for delivering comprehensive architecture design documentation and high-level solution designs, also contributing to the development and publication of new architectural patterns, key design decisions, deviations, and the identification of technical risks and issues as appropriate.

The ideal candidate will be confident in presenting and articulating solutions to design authorities, senior leadership, and key stakeholders. In addition to shaping project direction, the Security Solution Designer will provide technical thought leadership and may act as a subject matter expert or consultant across related programmes.

RequirementsCybersecurity Expertise:

• Significant experience and proven technical depth within the following domains identity & access management, cryptography, privileged access management, SSH key management.
• Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level
• Experience working in large-scale IT transformation programmes

Significant experience and proven technical depth within cryptography, including; 

• Design and implement secure SSH key management solutions for large scale hybrid (on-prem, Cloud) environments.
• Experience with the design, deployment, and management of key management systems (e.g., AWS KMS, Azure Key Vault, Google Cloud KMS, HashiCorp Vault). 
• Public Key Infrastructure (PKI): Framework for managing digital certificates and public-key encryption. 
• Understanding of digital certificate management and secure communication protocols (e.g., TLS) using digital signatures. 
• Knowledge of hardware security modules (HSMs) for storing cryptographic keys securely, including integration with enterprise applications for key generation and usage. 
• Familiarity with NIST's Post-Quantum Cryptography (PQC) standardization efforts and practical approaches for transitioning to quantum-resistant encryption schemes. 
• Knowledge of FIPS 140-2 and FIPS 140-3 validated cryptographic modules and their integration with enterprise applications. 
• Expertise in cryptographic risk management, including assessing the potential impact of cryptographic weaknesses and determining mitigations such as key rotation, algorithm migration, or enhanced entropy sources. 

Accountabilities and ResponsibilitiesArchitecture & Design

• Develop and maintain end-to-end solution designs aligned with reference architecture and business needs.
• Document key design decisions, deviations, and associated technical risks.
• Ensure solutions are efficient, cost-effective, and meet customer and business outcomes.
• Promote strong documentation standards and a clear understanding of business and security motivations.

Governance

• Ensure all high-level design artefacts undergo proper governance and peer review.
• Present designs and decisions to technical authorities for feedback and approval.

Risk & Dependency Management

• Proactively identify, manage, and escalate technical and project risks.
• Communicate remediation strategies and link design decisions to potential impacts.

Leadership & Collaboration

• Provide technical thought leadership and act as a cybersecurity SME across projects.
• Collaborate effectively across teams to support solution delivery.

Qualifications & Certifications:

• Bachelors or Master’s degree in cybersecurity, computer science, software engineering, or related field
• CISSP/CISM certification or other broad cybersecurity industry-recognised certificate

Working at DevNull Security

While DevNull Security is a remote-first company, our consulting team may be required to travel to client sites up to 2–3 times per week, depending on project and customer needs. Locations may include Edinburgh, Birmingham, Sheffield, Manchester, London, or Glasgow.

We believe a career in cybersecurity should be accessible to everyone. We welcome applicants from all backgrounds regardless of race, ethnicity, gender, age, sexual orientation, disability, or neurodiversity.

As a growing company, we’re committed to building an inclusive, fair, and accessible hiring experience, and we’re always open to feedback to help us improve.

Role Requirements

• Ability to commute to client locations as needed
• No visa sponsorship available
• Must be authorized to work in the United Kingdom
• Hybrid working model