The Government Digital Service (GDS) is the digital centre of government. We are responsible for setting, leading and delivering the vision for a modern digital government.
Our priorities are to drive a modern digital government, by:
joining up public sector services
harnessing the power of AI for the public good
strengthening and extending our digital and data public infrastructure
elevating leadership and investing in talent
funding for outcomes and procuring for growth and innovation
committing to transparency and driving accountability
We are home to the Incubator for Artificial Intelligence (I.AI), the world-leading GOV.UK and at the forefront of coordinating the UK's geospatial strategy and activity. We lead the Government Digital and Data function and champion the work of digital teams across government.
We're part of the Department for Science, Innovation and Technology (DSIT) and employ more than 1,000 people all over the UK, with hubs in Manchester, London and Bristol.
The Government Digital Service is where talent translates into impact. From your first day, you'll be working with some of the world's most highly-skilled digital professionals, all contributing their knowledge to make change on a national scale.
Join us for rewarding work that makes a difference across the UK. You'll solve some of the nation's highest-priority digital challenges, helping millions of people access services they need
Job Description
The GOV.UK One Login for Government Programme represents a once in a generation opportunity to simplify and widen access to all digital government services. Sitting at the heart of the government, we are building one simple, safe and secure way for users to log in and prove who they are that will work across all government services.
The GOV.UK One Login programme is full of talented and passionate people who are consistently delivering high quality products for services and individuals. We're half way through our build phase and features are being shipped almost weekly as we work to mature our product set so that we can expand the range of services and departments benefitting from our work.
Sometimes described as the most strategic programme in government, GOV.UK One Login represents a once in a career opportunity to work on a software product that will be used by the majority of the people living in the UK. It's a fast paced, dynamic and challenging environment that is sure to offer you career satisfaction as well as a chance to develop and enhance your skills.
If this sounds like the next role for you on your career journey then we'd love to hear from you.
Find out more at the GDS Blog.
One Login is the secure front door for millions accessing digital public services. Given the scale and criticality, security, reliability, and resilience are paramount to our mission. This high-profile role requires an experienced Principal Security Architect and leader with a proven track record of strategic direction and managing security products in a complex environment.
You will be the driving force behind the Security as a Product concept within the One Login system. This involves leading the development, delivery, and continuous improvement of security as an essential, integrated capability across all services. You will seamlessly embed security into systems and operations by collaborating closely with product teams, engineering, architecture, governance, and senior stakeholders. Your mandate will be to manage the entire security product lifecycle, expertly balancing security risks, programme objectives, user needs, and technical constraints.
As a Principal Security Architect, you will be responsible for:
shaping and delivering the security architecture and roadmap in alignment with the overarching cyber security strategy and wider programme objectives, ensuring security objectives support wider business goals and developing metrics and reporting to demonstrate security posture and maturity
defining and evolving security architecture capabilities as part of the overall service ecosystem, communicating the value of security to technical and non-technical stakeholders and collaborating with cross-functional teams
leading cross-functional teams to design and deliver security controls, improvements, and risk mitigation in line with enterprise priorities and compliance requirements
acting as a trusted advisor to senior management and programme boards, on product security matters, risks, and opportunities
establishing and overseeing governance frameworks for One Login products and services, and developing reporting and KPIs to demonstrate security posture and maturity
working with government departments, industry partners, and regulatory bodies to assess and manage shared risks and influence best practices
ensuring the programme meets stringent public sector security requirements, including those from NCSC CAF, Secure by Design principles, or other applicable frameworks
working in close collaboration with the Head of Security Operations for One Login and the GDS CISO, take responsibility for embedding a robust security culture across the programme. Act as a champion for security; setting out a vision and strategy with appropriate governance
Person specification
We're Interested In People Who
have a strong track record of experience in security architecture at a leadership level, ideally for a Critical National Infrastructure (CNI) or comparable risk/profile/impact level product
are experienced in managing security as a product/service, evolving capabilities over time, and communicating value to both technical and non-technical stakeholders
are skilled in leading cross-functional teams to deliver security initiatives, controls, and risk mitigations in alignment with enterprise priorities, compliance requirements, and regulatory standards
have hands-on experience managing security against recognised frameworks (e.g., NCSC CAF) and driving continuous improvement through assessment and assurance processes
are a trusted advisor to senior leaders, programme boards, and external partners, with the ability to explain complex security risks and opportunities in a clear and actionable way
have strong interpersonal skills and ability to work with product, engineering, enterprise architecture, privacy, and operations teams to integrate security seamlessly into service delivery
Benefits
There are many benefits of working at GDS, including:
flexible hybrid working with flexi-time and the option to work part-time or condensed hours
a Civil Service Pension with an average employer contribution of 28.97%
25 days of annual leave, increasing by a day each year up to a maximum of 30 days
an extra day off for the King's birthday
an in-year bonus scheme to recognise high performance
career progression and coaching, including a training budget for personal development
a focus on wellbeing with access to an employee assistance programme
job satisfaction from making government services easier to use and more inclusive for people across the UK
advances on pay, including for travel season tickets
death in service benefits
cycle to work scheme and facilities
access to an employee discounts scheme
10 learning days per year
volunteering opportunities (5 special leave days per year)
access to a suite of learning activities through Civil Service learning
Any move to Government Digital Service from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at
Office attendance
The Department operates a discretionary hybrid working policy, which provides for a combination of working hours from your place of work and from your home in the UK. The current expectation for staff is to attend the office or non-home based location for 40-60% of the time over the accounting period.
DSIT does not normally offer full home working (i.e. working at home); but we do offer a variety of flexible working options (including occasionally working from home).
Things you need to know
Artificial intelligence
Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.
Selection process details
The standard selection process for roles at GDS consists of:
a simple application screening process - We only ask for a CV and cover letter of up to 750 words. Important tip - please ensure that your cover letter includes how you meet the skills and experience listed in the "person specification" section above
a 60 minute video interview
Depending on how many applications we get, there might also be an extra stage before the video interview, for example a phone interview or a technical exercise.
In The Event We Receive a High Volume Of Applications, We Will Conduct The Initial Sift Against The Lead Criteria Which Is
have a strong track record of experience in security architecture at a leadership level, ideally for a Critical National Infrastructure (CNI) or comparable risk/profile/impact level product
In the Civil Service, we use Success Profiles to evaluate your skills and ability. This gives us the best possible chance of finding the right person for the job, increases performance and improves diversity and inclusivity. We'll be assessing your technical abilities, skills, experience and behaviours that are relevant to this role.
For this role we'll be assessing you against the following Civil Service Behaviours:
changing and improving
making effective decisions
leadership
communicating and influencing
Skills
We'll also be assessing your experience and specialist technical skills against the following skills defined in the Government Digital and Data Capability Framework for the Principal Security Architect role:
Designing secure systems
Enabling and informing risk-based decisions
Research and innovation
Security technology
Understanding security implications of transformation
Want to know more about who Government Digital and Data are? Click Here
Recruitment Timeline
Sift completion: Friday 13th March 2026
Panel interviews: Starting week commencing Monday 23rd March 2026
Candidates that do not pass the interview but have demonstrated an acceptable standard may be considered for similar roles at a lower grade.
A reserve list will be held for a period of 12 months, from which further appointments can be made.
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.
Please note that this role requires SC clearance, which would normally need 5 years' UK residency in the past 5 years. This is not an absolute requirement, but supplementary checks may be needed where individuals have not lived in the UK for that period. This may mean your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.
For meaningful checks to be carried out, you will need to have lived in the UK for a sufficient period of time, to enable appropriate checks to be carried out and produce a result which provides the required level of assurance. Whilst a lack of UK residency in itself is not necessarily a bar to a security clearance, and expectation of UK residency may range from 3 to 5 years. Failure to meet the residency requirements needed for the role may result in the withdrawal of provisional jobs offers.
Sponsorship
DSIT cannot offer Visa sponsorship to candidates through this campaign. DSIT holds a Visa sponsorship licence but this can only be used for certain roles and this campaign does not qualify.
Feedback will only be provided if you attend an interview or assessment.