Enterprise Security Architect (Principal Cyber Security Professional)

HM REVENUE & CUSTOMS

Worthing

Hybrid

GBP 72,000

Full time

Today

Job summary

A UK government department is seeking an experienced Cyber Security Professional in Worthing to shape security technology strategy. You will lead engagement with stakeholders, develop security principles, and mentor colleagues. The role offers a salary of £71,725 with significant benefits and allows flexible working arrangements.

Benefits

Pension contributions
Generous leave allowance
Family friendly policies

Qualifications

  • Proficient in managing stakeholder relationships through active engagement.
  • Deep understanding of confidentiality, integrity, and availability risks.
  • Practical experience with TOGAF and SABSA.

Responsibilities

  • Lead engagement with senior stakeholders, providing risk-based security advice.
  • Develop and implement security principles and tooling strategies.
  • Provide representation at governance boards and mentor colleagues.

Skills

Communication Skills
Security Fundamentals
Architectural Methodologies
Technical Output Creation
Security Control Design

Education

Professional Certifications: CCSP, CISSP

Tools

Cryptography
Cloud Security

Job description

Overview

Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it's really like to work at HMRC. Visit our YouTube channel to watch the full series and come and discover your potential.

Are you passionate about Cyber Security and Enterprise Architecture? Do you have senior-level experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work/life balance while making a significant impact.

HMRC are now one of the most digitally advanced tax authorities in the world and will spend the next five years continuing to modernise our IT landscape across a Multi-Hybrid Cloud Platform. You will work in one of the most complex infrastructures across Europe, with significant investment and over 1000 changes monthly impacting over 600 services. Security Modernisation is critical to this initiative and our collective success.

Now is a great time to join us as we establish a team of outstanding people in the fields of Security Architecture, Risk Assessment and Testing who will create and run these new and improved technology services. This is a chance to work on services that matter and affect the lives of millions of citizens, as well as delivering Government Security services directly across circa 400 Government Departments and Arms-Length Bodies (ALBs).

Join HMRC Security, part of the Chief Digital Information Office (CDIO), supporting one of Europe's largest IT estates. Within Cyber Security Technical Services (CSTS) and the Government Security Centre for Cyber (Cyber GSeC), we build capability across HMRC to detect, prevent, and respond to evolving cyber threats. Our vision is to be a recognised centre of excellence, delivering customer-centric cyber services and consultancy that adapt to emerging technologies and risks.

Role and Responsibilities

As an Enterprise Security and Principal Cyber Security Professional, you will work in a multidisciplined team in Cyber Security Technical Services (CSTS). You'll be part of vibrant Cyber Security and Architecture communities across HMRC and wider government. In this strategic role, you'll lead engagement with senior business and technical stakeholders, providing risk-based security advice to enable secure delivery of government services. You'll influence policy, setting direction for technical and business change, and develop capability through coaching and mentoring.

You'll shape consistent security architecture across HMRC's multi-billion-pound transformation portfolio, creating and evolving roadmaps, design patterns, and reference architectures that support modern, strategic platforms. You may also take online management responsibilities and lead the development of CSTS capabilities and services. As an Enterprise Security Architect, your visionary leadership will drive the strategic development of HMRC's security technology landscape, influencing best practice across government and driving innovation.

Your role will include:

  • Strategic Leadership: Define and lead enterprise security strategies aligned with Zero Trust and architectural standards.
  • Technology Direction: Develop and implement security principles, tooling strategies, and architectural guidance to address business risks and support policy applied to products, platforms and services.
  • Capability Development: Build technical expertise across CSTS and Cyber GSeC, driving learning and development. You will support the Head of Capability in driving and delivering Enterprise-wide security technology change, engaging at a strategic level and working through the lifecycle to governing the technical implementation of security services and solutions.
  • Effective Communication: Translate technical impacts into clear, actionable advice for stakeholders.
  • Framework & Methodology: Enhance enterprise security architecture using TOGAF, SABSA, and NIST 2.0 frameworks.
  • Tooling Roadmaps: Create and communicate security tooling roadmaps, incorporating vendor insights and threat landscape analysis.
  • Design Patterns & Baselines: Establish technology baselines and design patterns to guide secure solution development.
  • Strategic Engagement: Support the Head of Capability in delivering enterprise-wide security change, from strategy to implementation.
  • Cross-Government Collaboration: Provide subject matter expertise and lead cyber service delivery across HMG.
  • Innovation & Adoption: Research and integrate emerging technologies and methodologies into HMRC's security strategy.
  • Governance, Mentorship, and Stakeholder Management: Provide representation at governance boards, along with peer reviews and mentoring. Build strong relationships with stakeholders across the civil service, departments, suppliers, vendors, and programmes.

Core Skills & Knowledge

  • Communication Skills: Proficient in managing stakeholder relationships across business and technical domains through active engagement and clear communication.
  • Team Engagement and Leadership: Effective in engaging teams, sharing knowledge, guiding, and training colleagues, and managing change.
  • Security Fundamentals: Deep understanding of confidentiality, integrity, availability, non-repudiation, resilience and privacy risks.
  • Architectural Methodologies: Practical experience with TOGAF and SABSA.
  • Security Frameworks: Familiarity with industry-standard frameworks (e.g., NIST, ISO 27001, 27002, 27005, 27017, 27018, 22301) and NIST CSF 2.0.
  • Technical Output Creation: Proven ability to develop reference architectures, roadmaps, design patterns, principles, standards, policies, and guidance.
  • Security Control Design: Experience designing controls from non-functional requirements and associated guidance.
  • Knowledge of Cryptography including symmetric & asymmetric encryption systems, infrastructure, risks, weaknesses and mitigations.
  • Knowledge and Experience of Modernised Security Operations including Attack Surface Management.

Technical Proficiency

Expertise across at least two of the following security domains, with real-world experience applying technical security in complex environments and major projects.

Domains:

  • Identity and Access Management: PAM, SSO, Key and Secrets Management, JML, Attestation, RBAC, Identity Governance, Hybrid Cloud Models, AzureAD, MIM, FIM, and modern authentication protocols (SAML, OIDC).
  • Network Security: Segmentation, WLAN/LAN/WAN, SD-WAN, SaaS proxies, VPNs, firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust.
  • Application Security: SAST/DAST/RAST/IAST, SDLC integration, OWASP, API security design, threat modelling, container security.
  • Data Security: Information protection tools, key and secrets management, DLP, and protective marking and classification.
  • Cyber Security Operations: Incident response, vulnerability management, SIEM, SOAR, threat modelling, threat hunting, intelligence, data analytics, anti-phishing.
  • Infrastructure and Endpoint Security: EDR/EPP, UEBA, baseline configurations; Microsoft stack across devices and servers.
  • Cloud Security: Cross-hybrid cloud architectures (AWS, Azure), CASB, CSPM, CWPP, container security.

Desirable Criteria

Certifications and memberships that would strengthen your application:

  • Professional Certifications: CCSP, CISSP, CRISC, NCSP Practitioner, ISO27001 Lead Implementer or Auditor
  • Vendor-Specific Qualifications: Microsoft Cybersecurity Expert, AWS Security, Cisco, VMware, Fortinet, Checkpoint

Benefits and Working Arrangements

Alongside your salary of £71,725, HM Revenue and Customs contributes £20,778 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. HMRC operates both Flexible and Hybrid Working policies, allowing you to balance your work and personal commitments. We welcome applications from those who need to work a more flexible arrangement and will agree to requests where possible, considering our operational and customer service needs. We offer a generous leave allowance, starting at 25 days and increasing by a day for every year of qualifying service up to a maximum of 30 days.

  • Pension - We make contributions to our colleagues' Alpha pension equal to at least 28.97% of their salary.
  • Family friendly policies.
  • Personal support.
  • Coaching and development.

To find out more about HMRC benefits and find out what it's really like to work for HMRC, hear from our insiders or visit Thinking of joining the Civil Service.