Lead Security Architect

UKHSA’s Cyber Security Architecture Delivery team is responsible for defining cyber security technical standards for the organisation, providing technical guidance and consulting to help service teams deliver against those standards, and supporting the selection of security tools and technology.

As Lead Security Architect you will oversee the secure delivery of projects and data platforms, ensuring architectural design reviews (HLD/LLD) and threat models are carried out to a high standard. You will work closely with a variety of stakeholders including business leads, project managers, delivery partners and multidisciplinary technology teams.

Everyone Matters – we promote equality of opportunity and actively encourage applications from all groups.

• Work closely with security architects, overseeing their work and providing assurance that architectural design reviews and threat models are carried out consistently to the required standard.
• Ensure the team have the appropriate blueprints, guidance, policies and standards required to complete their work.
• Take a risk‑based and outcome‑driven approach to secure architecture.
• Develop and communicate meaningful security policies.
• Identify and promote best practices for multidisciplinary teams to deliver resilient, secure and scalable services.
• Identify, own, and respond to security risks and issues as they arise.
• Cultivate and maintain relationships with other security teams within UKHSA, Cabinet Office, NCSC and the rest of government.
• Ensure all work is in line with DSPT‑CAF compliance and that the security architecture framework (blueprints, standards, etc.) is maintained.

• Demonstrable cyber security knowledge from a previous hands‑on role, especially working within large programmes, and experience of security management and information assurance practices.
• Experience with modern software engineering practices and or cloud infrastructure, including building, managing and deploying modern web services.
• Understanding of security end‑to‑end, from security considerations in the design of services to architecture reviews, threat modelling, controls and remediation against existing live services.
• Strong relationship‑building and effective communication with senior stakeholders and colleagues, ensuring that security considerations are well accounted for and built into ways of working.

• Leadership experience, including leading a team of technical specialists.
• Professional certification such as CISSP or CISM.
• Effective decision‑making and influential communication skills.
• Ability to deliver at pace.

This is a home‑based role with occasional travel to UKHSA core headquarters in London, Leeds, Birmingham, and Liverpool when needed.

Successful candidates must pass a disclosure and barring security check and meet the requirements for a Security Check (SC) clearance, normally based on UK residency of five years.

• Defined Benefit pension scheme with employer contributions.
• Cycle‑to‑work salary sacrifice scheme, season ticket advances and payroll giving.
• Retail discounts and cashback scheme.
• Flexible working patterns, including part‑time, job sharing and compressed hours.
• Generous maternity, paternity and adoption leave package.
• One privilege day for the King’s birthday and public holidays.
• Market Pay Supplement ranging from £5,000 to £15,000 based on capability level.