Job overview
UKHSA’s Cyber Security Architecture Delivery team is responsible for defining cyber security technical standards for the organisation, providing technical guidance and consulting to help service teams to deliver against those standards, and supporting the selection of security tools and technology.
The team (of ten) works across the organisation to support projects to ensure that solutions (predominantly AWS & Azure) are securely designed, identifying threats and where appropriate working with pen test teams to scope testing.
As Lead Security Architect, you will be responsible for overseeing the secure delivery of projects and data platforms; ensuring architectural design reviews (HLD/LLD) and threat models are carried out to a high standard. It is an exciting, fast-paced role that will drive strategic change across the organisation both in terms of data and analytic capability, and culture.
You’ll work closely with a variety of stakeholders including business leads, project managers, delivery partners - as well as multi-disciplinary Technology teams who build and run services.
Main duties of the job
The Cyber Security Architecture Delivery team is a mix of permanent civil servants (Two Lead Security Architects and Head of department) and contract Security Architects (6 to 10)
As Lead Security Architect you will:
* Work closely with security architects, overseeing their work and providing assurance that architectural design reviews and threat models are carried out consistently to the required standard
* Ensure the team have the appropriate blueprints, guidance, policies and standards required to complete their work.
* Take a risk based and outcome driven approach to secure architecture
* Develop and communicate meaningful security policies
* Identify and promote best practices for multidisciplinary teams to deliver resilient, secure and scalable services
* Identify, own, and respond to security risks and issues as they arise
* Cultivate and maintain relationships with other security teams within UKHSA, Cabinet Office, NCSC and the rest of government
* Ensure all work is in line with DSPT-CAF compliance and the security architecture framework (blueprints, standards etc…) are maintained.
Essential role criteria:
* can demonstrate cyber security knowledge in a previous hands-on role, especially working within big programmes, and have experience of security management and information assurance practices.
* Has experience with modern software engineering practices and or cloud infrastructure, including building, managing and deploying modern web services
* Understands security end-to-end, from security considerations in the design of services, through to architecture reviews, threat modelling, controls and remediation against existing live services
* builds strong relationships and communicates effectively with senior stakeholders and colleagues, ensuring that security considerations are well accounted for and built into ways of working
Desirable criteria:
* Leading a team of technical specialists
* Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) qualification
Selection Process Details
For detailed information on the selection process, please follow the link to apply.
Salary Information
If you are successful at interview, and are moving from another government department, NHS, or Local Authority, the relevant starting salary principles for level transfers or promotions will apply. Otherwise, roles are offered at the pay scale minimum for the grade, but in exceptional circumstances there may be flexibility if you are able to demonstrate you are already in receipt of an existing, higher salary. Pay increases are through the relevant annual pay award for the role and terms.
Please be aware that the salary is based on your location:
Grade 7
* £56,185- £66,581 (National)
* £58,340- £68,574 (Outer London)
* £60,494- £70,566 (Inner London)
You will also receive an additional Market Pay Supplement of between - £5,000 to £15,000 (Dependent on your capability level).