Overview
This strategic leadership role requires deep technical expertise in operational cyber security management and a clear understanding of how to apply it across a complex, multi‑site organisation. You will provide expert advice to Senedd Members and Commission Staff on technical security requirements, shape and deliver the Senedd ICT strategy, and support the integrity of our democratic processes by ensuring robust compliance and governance across the organisation.
Key Responsibilities
* Security Architecture Design: Develop and maintain the organisation's ICT security architecture, ensuring alignment with business objectives, regulatory requirements, and industry best practices.
* Threat and Vulnerability Management: Define and implement architectural standards for threat detection and vulnerability management, including automated scanning, penetration testing, and threat modelling.
* Secure System Assurance: Lead the technical assurance of new systems and services, embedding secure‑by‑design principles and conducting cyber risk assessments to ensure resilience and compliance.
* Incident Response Architecture: Architect and validate incident response capabilities, integrating them with monitoring and alerting systems to enable rapid and effective response to security incidents.
* Technical Advisory and Communication: Provide expert guidance to Senedd Members, Senior Officials, and technical teams on security architecture, translating complex concepts into clear, actionable advice for both technical and non‑technical audiences.
* Collaboration and Governance: Work closely with the Governance and Assurance Service to embed security architecture into risk management processes and drive continuous improvement in technical assurance.
* Security Awareness and Training: Promote architectural security awareness across the organisation through policy development, technical training, and the integration of secure design principles into operational practices.
* Standards and Compliance: Establish and maintain security architecture standards aligned with frameworks such as ISO 27001, NIST, and Cyber Essentials Plus, ensuring consistent application across ICT systems.
* Technical Problem Solving: Lead the resolution of complex security architecture challenges, providing expert input on secure system design, integration, and remediation strategies.
* Line Management Responsibilities: The role includes direct line management of the cyber security team, fostering a collaborative and supportive environment, setting clear objectives, conducting one‑to‑one meetings, supporting professional development, and ensuring effective delivery of architecture functions across the organisation.
Qualifications
* Proven experience in designing and implementing security architecture within a large, multi‑site organisation, with the ability to communicate complex technical concepts clearly to stakeholders at all levels, translating architectural decisions into business‑relevant language for non‑technical audiences.
* Deep technical understanding of cyber security principles, threat landscapes, and mitigation strategies, with the ability to apply these effectively to the organisation's infrastructure, applications, and operational processes in alignment with strategic objectives.
* Demonstrable experience in leading end‑to‑end improvements to ICT security architecture, including the design, delivery, and integration of secure systems and services, as well as managing project lifecycles and ensuring smooth service transition into operational environments.
Security
Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check. People working with government assets must complete baseline personnel security standard checks.
Nationality Requirements
* UK nationals
* Nationals of the Republic of Ireland
* Nationals of Commonwealth countries who have the right to work in the UK
* Nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre‑settled status under the European Union Settlement Scheme (EUSS)
* Nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre‑settled status under the European Union Settlement Scheme (EUSS)
* Individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
* Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Benefits
* Learning and development tailored to your role
* An environment with flexible working options
* A culture encouraging inclusion and diversity
* A Civil Service pension with an employer contribution of 28.97%