NHS AfC:
Band 8bContractPermanentHours Full time - 37.5 hours per week Job ref 914-BSA7330352 Site Stella HouseTown Newcastle upon TyneSalary £64,455 - £74,896 per annumSalary period YearlyClosing 25/08/2025 23:59
Job overview
Are you a dynamic, passionate security specialist looking for a new challenge? We have an exciting opportunity to join us as a Lead Security Architect to support the national delivery of the Future NHS Workforce Solution (FWS)
The future solution will build upon the success of the Electronic Staff Record (ESR), which is the national HR and payroll system for the NHS. The FWS will be rolled out nationally to over 1.9 million NHS colleagues across England and Wales.
If you’re looking for an opportunity to make a real impact across the NHS at this exciting time of transition, then this could be the role for you!
You’ll take on responsibility for the security solutions and security architecture for applications, information and infrastructure. Providing guidance and consultancy input into new and existing IT solutions, fully exploiting the opportunities of emerging technologies.
What do we offer? • 27 days leave (increasing with length of service) plus 8 bank holidays • Flexible working (we are happy to discuss options such as compressed hours) • Hybrid working model (we are currently working largely remotely) • Career development • Active wellbeing and inclusion networks • Excellent pension • NHS Car lease scheme • Access to a wide range of benefits and high street discounts!
Main duties of the job
1. Engage and collaborate with a wide range of stakeholders across all departments and communities. Integrating with external and internal providers, customers, peers, and other organisations, to build effective relationships to enable modern secure and open digital services whilst ensuring customer data and other assets are protected.
2. Demonstrate success in the handling of high profile, complex, sensitive issues to protect the reputation of the organisation and ensure context is provided to responses where appropriate.
3. Support the creation and execution of technology and service roadmaps that will drive the NHSBSA’s current IT estate towards cloud technology for strategic systems whilst decommissioning legacy systems.
4. Creating and maintaining IT security requirements for procuring IT services and the selection of third-party providers. Delivering complex IT services and working closely with them to provide effective solutions for the Business.
5. Design of cost effective and scalable enterprise solutions, from development through to implementation in a multi-supplier environment.
Working for our organisation
Here at the NHS Business Services Authority (NHSBSA), what we do matters.
We manage the NHS Pension scheme, process prescription payments and much more. Our services are used by NHS organisations, contractors and the public: we’re proud to be part of something meaningful, that touches millions of lives.
We design our services around customer needs and place people at the heart of our organisation. That’s why when you join us, you’ll be empowered and supported to help your career grow.
As one of the UK’s Best Big Companies to work for, we’re connected to our values: Collaborative, Adventurous, Reliable and Energetic. We care about our people, our purpose, and your progress.
We strive to offer a fantastic colleague experience, where every colleague is heard, supported and respected. Wellbeing, diversity and inclusion is at the centre of this, and you can join our Lived Experience Networks who help us bring our authentic selves to work.
We’re committed to being a flexible employer and we try to offer a working pattern that suits you where possible, through hybrid working, flexible hours and more.
Alongside a competitive salary with pay progression, we offer a people-centric benefits package, connecting you to the rewards and benefits you value most!
Ready to join us in delivering business service excellence to the NHS, helping people live longer, healthier lives? Apply today and see where the NHSBSA can take you.
We are people connected to care.
Detailed job description and main responsibilities
In this role, you are accountable for
Security Architecture/Operations
1. Collaborate to define “as-is” and “to-be” architectures to develop full technical solutions designs including preparation of technical artefacts, and blueprints, providing a high quality security proposal for submission into internal and external business cases and assessments.
2. Undertake and lead on investigative analysis within multidisciplinary teams, providing technical authority, making credible and practical technical decisions, communicating these with sensitivity and diplomacy to ensure the right technical direction is followed.
3. Working across/within different programmes and across different layers of architecture as needed and to translate business security requirements into IT services, solutions, investment and migration roadmap. Taking a major role to identify and share good security practices, participating in relevant communities of practice to drive adoption of design standards, trends and patterns.
4. Take ownership of particular areas of the business service, project or programme IT security architecture and ensure consistency with the Enterprise Architecture, HMG Security Strategy, HMG Digital Strategy and DH Digital Strategy and provides input into IT Strategy.
5. Monitoring the development of new and emerging tools, technologies and products to assess potential value and identifying opportunities to enhance security capabilities for products and services used within the organisation.
6. Responsible for the security blueprint solutions for complex protective and vulnerability security management of both physical and data assets clearly defining the as-is and to-be security architectures and document the transition to the to-be solution and its integration in the overall Enterprise and Security Architecture blueprints.
Staff Management
7. Management of staff including all line management responsibilities, performance management, appraisals, disciplinary, and standard HR processes for Security operations.
8. Undertake recruitment and selection in line with organisational processes and participate in the implementation and delivery of initiatives to secure suitable resources, increase skills levels and develop talent pools to meet the changing needs of the business landscape.
9. Seeking, providing and taking feedback to support and encourage teams and individuals to develop thinking and independently work through issues, to reach solutions-based outcomes. Taking full accountability for the approach and decision-making practices within area, including providing positive challenge to ideas and solutions.
10. Responsible for prioritising and planning own whilst contributing to the team’s work and providing input to the prioritisation of projects and programmes proposed and/or underway.
Financial Management
11. Maintain an awareness of financial and personal implications in the use of a range of resources.
12. Responsibility for contributing to budget management processes in accordance with NHSBSA’s policies, standing orders, financial regulations and legislative requirements.
13. Develop proposals for future investment including both technology refresh and project- based change; preparing necessary estimates, mandates and business cases within the technology department and providing estimates for such led by other departments.
Knowledge Management
14. Research of the marketplace and constant awareness of industry trends, threats and innovation using information to inform the ICT security strategy of the NHSBSA and as input to design activities.
15. To work with NHSBSA staff and Third Parties to ensure that security policy, standards, governance and processes are in place for producing
and maintaining up to date, comprehensive, comprehensible documentation which will include IT service security “blueprints” for all systems and services.
Relationship Management
16. Identify opportunities, engaging and fostering relationships and partnership working within the organisation, and with third parties, to identify and deliver value to the organisation.
17. Working across/within different programmes and across different layers of architecture as needed and to translate business security requirements into IT services and solutions.
18. Work with organisations external to the NHSBSA (e.g. the DHSC and GDS) when necessary to assist in clarifying their needs and requirements and be capable of devising options for security solutions, along with full assessment and cost estimation.
Information Management
19. Handles sensitive commercial & financial information, ensuring that the security solution architectural designs adhere to relevant legislation and standards including for example, Information Security, NHS Confidentiality and Data Protection legislation.
20. Implement, monitor and report on a number of areas including agreed service levels, KPI's and standards within security operations.
21. Monitor, report, present or escalate issues as appropriate to the Security Operations Manager
Delivery Management
22. Operate as an SME and point of authority on security architecture, making credible, pragmatic and practical security decisions and communicate with sensitivity and diplomacy to ensure the right technical direction is followed and to guide the business to make the best use of its existing IT where appropriate and to make recommendation about what other IT assets it needs to invest in.
23. To demonstrate creativity and innovation in applying IT solutions and services to develop and improve services and quality for the benefit of the organization and/or the end user of technology services. This includes devising and managing security initiatives to enable exploitation of digital services, capacity, performance, and system availability improvements that ensure business targets are met or exceeded and legacy services decommissioned, whilst ensuring data security and controlled access to data.
24. Responsible for providing expert help and guidance across the lifecycle of a security solution implementation, including technical and nontechnical aspects. This includes the migration of services across suppliers and closely with Technical Architects ensuring the solution and service design is successfully translated, built delivered and operated to meet security and business requirements
25. Input into workforce planning, ensuring required operational commitments are fully met, business change is estimated, prioritised, and delivered, resourcing issues are identified, mitigated and managed to deliver business value.
26. Manage, and input into the development and implementation of approaches, strategies, policies, standards and practices across the team, ensuring and monitoring the timely delivery of business objectives within budget through the management of projects and programmes.
27. To identify and interpret DHSC, GDS, local and national security policy changes and directives, and assess the impact on IT Infrastructure and surrounding processes, including influencing policy information within own security specialism.
28. Produce and deliver in depth reports and/or presentations to NHSBSA, HMG or DHSC stakeholder’s staff and external parties, on any aspect of the work delivered.
Person specification
Personal Qualities, Knowledge and Skills
Essential criteria
1. 1.Business change, rationalisation and transformation and implementation of strategic approaches, plans, activities and solutions
2. 2.Evaluation, interpretation, translation and communication of complex data/information from multiple sources and requirements to inform decision making.
3. 3.Design of cost effective and scalable enterprise solutions, from development through to implementation in a multi-supplier environment.
4. 4.Proven experience in developing and implementing security solution and enterprise architecture and design strategies in a multi supplier environment.
5. 5.Proven ability to undertake detailed security analysis of technical designs and provide the business with security assurance of supplier designs and proposals
6. 6.Broad technical knowledge covering web applications and services, information, infrastructure, cloud and managed service architectures. Knowledge of GDS Principles, NCSC guidance and familiarity with the requirements of the Government Security Classifications and NHS DSPT.
7. 7.Knowledge, and ideally experience, of emerging security technologies to mainstream business, such as: •Vulnerability Management •Secure Baseline configuration •Logging •Incident response •Security Analytics •Identity access management
8. 8.Experience of effective stakeholder management
Desirable criteria
9. 1.Enterprise architecture components and frameworks experience such as TOGAF, SABSA.
10. 2.Recent and demonstrable Team and Line Management experience
11. 3.A variety of approaches to hosted solutions and data centres including co-Location (and integration into Service Management models)
12. 4.Working to GDS Principles and/or having participated in GDS assessments
Experience
Essential criteria
13. 1.Knowledge & experience of the following :
14. 2.Engaging and building relationships with a range of stakeholders to support delivery of business outcomes
15. 3.Creatively interpreting strategy and translate emerging trends and technologies to design innovative security solutions and controls which benefit the organisation, reducing risk and enable opportunity.
16. 4.Complex system, information and security solution design.
17. 5.Developing and implementing security solution and enterprise architecture and design strategies in a multi supplier environment
18. 6.Comprehensive and recent experience in architecting security solutions in high-volume digital services
19. 7.Demonstrate detailed understanding of the security implications and appropriate security controls of hosting sensitive information in large scale UK Cloud based cloud infrastructure environments
20. 8.Ability to demonstrate a deep knowledge of security and privacy risks and threats along with a strong understanding of key considerations such as confidentiality, availability, integrity, non-repudiation and privacy.
21. 9.HMG cyber security policy, such as, NCSC guidance, Technology codes of practice and minimum security standards
Desirable criteria
22. 1.Transition of legacy services into digital cloud-based solutions
23. 2.Team and Line Management, including staff development
24. 3.Open source and cloud technologies and their sourcing.
25. 4.Experience of migrating services across different Data Centre locations and legacy application consolidation
26. 5.Solution and service design and delivery within an Agile development environment.
27. 6.Hosted solutions, services and data centres including co-Location (and integration into SIAM Service Management models)
Qualifications
Essential criteria
28. 1.An IT related degree or
29. 2.equivalent Industry Recognised Qualifications e.g. CISSP, CISMP, CCP, ISO 27001 implementer.
30. 3.Significant demonstrable experience in two of the of the following: •IT Security Architecture •Working in a number of complementary security roles •System and service architecture design OR
31. 4.Significant demonstrable experience over a number of years in at least three of the following: •IT Security Architecture •HMG Information standards and best practice •Working in a number of complimentary security roles •System and security architecture design •Management of a significant ICT implementation
Desirable criteria
32. 1.TOGAF/SABSA Certification or equivalent, or willing to work towards this certification
33. 2.CESG Certified Professional (CCP) Senior IA Architect Experience of working in an agile environment and experience with agile methodologies such as Scrum, Kanban I
34. 3.ITIL Certification
35. 4.SO27001 Implementer/ Auditor
The NHSBSA is passionate about creating a diverse and inclusive organisation, which is a great place to work and truly reflects the diversity of our customers. We welcome applications from talented people of diverse characteristics including age, disability, gender identity and expression, race or ethnicity, religion or belief, sexual orientation, or any marginalised group. We also welcome applications from all those in the Armed Forces Community.
At the NHSBSA we pride ourselves on being a Disability Confident Leader, Stonewall Top 100 employer and we’ve recently been awarded the Employers Network for Equality and Inclusion Gold Standard benchmark.
We offer an invitation to the first stage of the selection process for people with disabilities that wish to be considered under the Disability Confident scheme, and for members of the Armed Forces Community, where all of the essential criteria in the person specification are met.
A copy of our Privacy Notice is available to view at the link below:
NHSBSA Privacy Notice
Employer certification / accreditation badges