Principal Security Architect

Join a team at the heart of the global economy! The Department for Business and Trade ('DBT') and Inspire People are partnering together to bring you an exciting opportunity for a Principal Security Architect to drive the secure design and development of solutions within the department. Salary between £71,738 to £93,864 (including allowances) plus excellent Civil Service benefits including 28% pension contribution. Salary is dependent on location and technical skills as assessed at interview. Flexible, hybrid working from London, Cardiff, Darlington, Belfast, Birmingham, Salford and Edinburgh.

About the role

In DBT the Principal Security Architect is responsible for driving the secure design and development of solutions within the department. They lead the security engagement for all projects ensuring that the department's security design standards are adhered to.

This challenging role incorporates aspects of security architecture, cyber risk management and cyber security policy. As a Principal Security Architect, you will also provide an 'out-reach' to advise on security requirements and solutions to enable technical teams to make security decisions, ensuring the effective use of common tools and products.

You will collaborate across DDaT and wider DBT to identify new opportunities for exploiting emerging technologies and support the development of architectures, patterns and approaches to support their safe use in accordance with the department's risk appetites. At all times your goal is to help ensure delivery of systems that meet the desired business outcomes with security decisions and controls being proportionate to the risk appetite.

You will build effective partnerships with diverse teams across multiple locations and technologies and effectively communicate security and risk implications across technical and non-technical stakeholders. You will manage the Security Architecture team, covering critical review architecture referencing NCSC (National Cyber Security Centre ) guidelines and to guide and mentor others throughout DBT.

Main responsibilities

You will:

• Interact with senior stakeholders across the department and influence a wide, diverse group of stakeholders
• Research and apply innovative security architecture solutions to new or existing problems, justifying and communicating design decisions
• Develop vision, principles, and strategy for security architects for specific projects or technologies
• Work out subtle security needs and understand the impact of decisions, balancing requirements and deciding between approaches
• Produce particular patterns and support quality assurance
• Act as the point of escalation for architects in lower-grade roles
• Lead the technical design of systems and services
• Drive 'secure by design' by promoting security as an aspect of quality, ensuring that program, project, and service managers own this responsibility
• Follow developments in the security and technology industry to ensure that the technology landscape is kept secure in line with industry standards
• Recommend security controls and identify solutions that support DBT's objectives
• Provide specialist advice and recommend approaches, advising on key security-related technologies and assessing the risk associated with proposed changes

Skills and Experience
It is essential that you have:

• Extensive experience in leading and evaluating the secure design of major products, services, and complex solutions, with the ability to review secure system architectures through the development of patterns and principles
• Proven ability to lead decision-making within Architectural Review Boards and as a Technical Design Authority, based on information assurance risk assessment methodology and governance
• Proficiency in applying security concepts to a technical level across multiple projects, including working with security tools, network security infrastructure technologies, and information security management frameworks (e.g., ISO 27001, NIST)
• Experience overseeing penetration testing and the ability to effectively translate cyber risk analysis into standards, patterns, and approaches to enable the safe exploitation of current and emerging technologies
• Strong understanding of NCSC information security guidance and architecture patterns alongside familiarity with architecture methodologies such as SABSA and TOGAF
• Excellent communication skills, with the ability to apply security concepts to a technical level and effectively translate and communicate security and risk implications across technical and non-technical stakeholders
• Experience considering the security implications of transformation, interpreting and applying understanding across complex areas, and influencing policy and process, business architecture, and legal and political implications

It is desirable that you have:

• Knowledge of Secure by Design principles

Benefits

If you join DBT, you will get:

• learning and development tailored to your role
• a flexible, hybrid working environment with options like condensed hours
• a culture encouraging inclusion and diversity
• a Civil Service pension with an average employer contribution of 27%
• annual leave starting at 25 days rising to 30 days with service
• three paid volunteering days a year
• an employee benefits programme including cycle to work

Other Information

This role requires SC Clearance. DBT's requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. Failure to meet this requirement will result in your application being rejected and your offer will be withdrawn.

If you're an experienced Security Architect, please apply to the role today or contact Keesha Paulsen for a confidential conversation.