Director Platform Engineering, Resilience & Cyber - DSIT - SCS2

Location

Bristol, Manchester

We are looking for a technical leader with deep expertise in platform engineering and cyber security to ensure the resilience, scalability and security of the government’s citizen-facing digital infrastructure.

The role leads a large, multidisciplinary workforce of approximately 100 staff and operates as a trusted peer to senior stakeholders across government, ensuring the resilience, scalability, and security of critical digital platforms.

This role will focus on platform delivery, cyber strategy and technical governance, safeguarding critical systems that underpin modern digital services relied upon by millions of users each week.

You will set the strategic direction for shared platforms and infrastructure, embedding security by design and ensuring compliance with relevant frameworks. Your leadership will enable teams to build and operate high-quality services at scale, while maintaining robust defences against evolving threats.

This is a senior role requiring deep technical understanding, strong stakeholder engagement, and a track record of delivering complex digital infrastructure at scale. You will partner closely with the Director General Digital Products and other GDS Directors to drive the usability, availability and performance of critical digital infrastructure relied upon by thousands of public services and millions of users including: the GOV.UK publishing system and information engine; GOV.UK One Login; GOV.UK App and wider ecosystem of GOV.UK platform products.

• Own the architecture and delivery of shared platform components (APIs, developer tools, cloud infrastructure, CI/CD pipelines, shared services) and production environments that enable high-quality digital services.
• Ensure platforms are highly available, fault-tolerant, and performant, supporting 24/7 operations and rapid recovery in the event of failure. As the range of GOV.UK products and platforms grows, the need for robust, high-performance, and cost‑effective shared solutions for support, live monitoring, incident management, and continuous improvement of services will become increasingly critical.
• Drive adoption of modern engineering practices, including containerisation, microservices, and automated observability.

• Define and implement the cyber security strategy for GDS platforms, embedding zero‑trust principles and advanced threat detection.
• Ensure compliance with NCSC guidance, ISO standards, and relevant government security frameworks.
• Lead on secure‑by‑design architecture, encryption standards, and identity management.

• Establish and mature robust live service operations, including real‑time monitoring, automated alerting, and incident response protocols.
• Build resilience into every layer of the stack, from network to application, ensuring continuity of service under extreme load or attack scenarios.
• Oversee disaster recovery planning and execution for nation‑scale systems.

• Own the technical roadmap for platform and infrastructure services, ensuring alignment with government priorities and emerging technologies.
• Set and enforce engineering standards for scalability, interoperability, and cost‑efficiency.

• Lead multidisciplinary teams of engineers, architects, and cyber specialists.
• Foster a culture of technical excellence, innovation, and accountability, with a strong focus on continuous improvement and knowledge sharing.

• Work with senior leaders across government and industry to ensure platforms meet user needs and support transformation goals.
• Represent GDS in cross‑government forums on cyber security, resilience, and digital infrastructure.

• Strong understanding of engineering practices and evidence of leadership in designing, delivering and scaling critical and complex digital platforms and infrastructure at national or enterprise scale.
• Expertise includes native architecture, platform engineering, and cyber security, including zero‑trust models, identity management, encryption, and threat detection.
• Experience operating mission‑critical, 24/7 live services with stringent SLAs and high security requirements.
• Strong track record in incident management, disaster recovery, and resilience planning for large‑scale systems.
• Proven ability to provide strategic leadership in the establishment, governance, and enforcement of enterprise‑wide technical standards, ensuring alignment with organisational strategies across diverse teams and supplier ecosystems.
• Skilled in influencing and collaborating across complex public or private stakeholder landscapes, such as government, banking and financial institutions, regulators, and industry partners.

• Leadership
• Delivering at Pace
• Making Effective Decisions
• Managing a Quality Service
• Seeing the Big Picture
• Changing and Improving