Location: Warminster, Wiltshire (hybrid working)
Type: Permanent
Clearance: Must hold security clearance above BPSS. Applicants must be sole British nationals, hold a valid British passport, and be eligible to obtain UK Security Clearance. Dual nationals cannot be considered.
Travel: Ability and willingness to travel required
The opportunity
Be part of a high-profile UK defence programme focused on transforming British Army collective training and enabling modern, secure delivery across training and deployed IT environments. This is a mission-led role with real-world impact, working alongside military stakeholders and multi-disciplinary engineering teams.
You'll join a collaborative matrix environment, operating as a senior technical contributor and trusted advisor across the project lifecycle-comfortable working independently when needed and equally effective influencing senior stakeholders.
The role
This Security Architect role requires a versatile individual who can make effective contributions across the full programme lifecycle. The position is critical to successful delivery of the transformation programme, ensuring systems and services meet demanding operational needs.
The role concentrates on Information Assurance and Cyber Security, but may also include support to physical and personnel security elements.
You'll be able to engage both technical experts and wider organisational stakeholders, applying a holistic approach to shape secure solutions that support strategic objectives.
Key responsibilities
- Develop and manage the security vision, architecture specifications, architecture analysis, threat modelling, requirements, standards, design patterns, reference architectures, strategies and roadmaps
- Apply security design principles to produce practical security architectures
- Lead security engagement with senior internal and external stakeholders
- Support security assurance of systems
- Provide strategic direction for security projects to deliver the information security strategy
- Capture, expand and analyse security requirements
- Develop innovative security solutions aligned to long-term architecture goals
- Drive security technology evaluations and proof-of-concepts
- Build strong cross-organisational relationships and influence architecture/stakeholders
- Support security technologies lifecycle management
- Ensure security is embedded across wider technology domain architectures (working with other architects)
- Conduct/assist with peer reviews
- Evaluate and assess security risk throughout application and system lifecycle management
- Stay current with security technologies and recommend adoption based on risk mitigation and business value
- Advise leadership on cybersecurity issues, processes, products and services
- Maintain oversight to ensure appropriate security controls are included in design and implementation
- Act as the cybersecurity SME contributing to overall system architecture
Essential skills & experience
- Self-starter; able to prioritise and plan complex work in a rapidly changing environment
- Strong customer/stakeholder engagement skills (internal and external)
- Excellent problem-solving and critical thinking
- Highly organised, discreet, outcome-focused; able to work at pace
- Able to articulate complex security concepts to technical and non-technical audiences
- Collaborative team approach; able to constructively challenge
- Able to interpret diverse business and technical requirements and identify viable controls/solutions
- Strong strategic awareness and ability to shape solutions aligned to organisational goals
- Confident communicating risk implications at senior levels
- Strong stakeholder expectation management under high-risk/high-complexity constraints
- Experience leading security design/review activities with architects/engineering teams
- Knowledge of enterprise architecture approaches (e.g., TOGAF, MODAF or equivalent)
- Strong grasp of risk methodologies and security risk management
- Experience supporting Risk Management Framework documents and controls
- Secure by Design understanding/experience
- Understanding of waterfall and agile delivery methodologies
- Understanding of how obsolescence affects Information Assurance
- Broad understanding of cloud hosting/cloud architecture for major providers
- Experience or knowledge of DevSecOps tooling and processes
- Working knowledge of MoD/Government security environments at classifications including SECRET and above
- Proven experience leading a small team
- Willingness to travel
- Security clearance above BPSS (or eligible to obtain)
Desirable
- Degree in Information Security or significant programme security experience
- Certifications: CISSP, CISM, CRISC, CGRC (any)
- Knowledge of Government Standard 007, ISO 27001 and NIST
- Strong written/oral/presentation skills
- Supply chain security management experience/knowledge
- Experience supporting security awareness/education programmes
- Problem management and/or ITIL experience
- Knowledge of intelligence disciplines and analysis concepts (GEOINT/SIGINT/OSINT/HUMINT etc.)
Apply / enquire
Apply via this advert or get in touch for a confidential discussion. Applications are being managed through the recruitment partner route.