Principal Security Architect – Contract
Hybrid | Low office expectation
💷 £700 - £800 per day | INSIDE IR35
🔐ACTIVE SC Clearance Required
Overview:
We’re supporting a central government body in hiring a contract Principal Security Architect to lead the design of secure, resilient digital systems across major national programmes.
This role sits within the organisation’s Digital, Data and Technology (DDaT) function, working as part of the enterprise architecture team. You’ll be responsible for embedding Secure by Design principles, shaping architecture in line with NCSC best practice, and supporting delivery teams with proportionate, risk-based controls.
Key Responsibilities:
* Lead the end-to-end design of secure systems and services across cloud and hybrid environments
* Review and assure architectures against NCSC guidance, ISO 27001, and internal security frameworks
* Work closely with project, architecture, SecOps and assurance teams to embed secure-by-design principles
* Conduct threat modelling, risk assessments, and architectural reviews across platforms and programmes
* Translate complex security risks into clear, actionable strategies for technical and non-technical stakeholders
* Contribute to the development of reusable security artefacts – including patterns, reference architectures, and risk traceability tools
* Support stakeholder engagement across internal departments, delivery partners, and external agencies (e.g. GDS, NCSC)
Required Skills & Experience:
* Proven experience in a senior security architecture role, ideally within public sector or regulated environments
* Strong understanding of cloud and enterprise security across Azure, AWS, or GCP
* Deep knowledge of Secure by Design, Zero Trust, and architectural assurance principles
* Familiar with NCSC Cloud Security Principles, CAF, and wider UK government security guidance
* Certifications such as CISSP, CISM, SABSA, TOGAF, AWS/Azure Security desirable
* Experienced in stakeholder engagement and translating risk across technical and business contexts
* Active SC clearance