Security Architect in Newport, Wales

Our client is looking for a Security Architect to join a high-profile defence training programme focused on transforming British Army collective training. You'll be working across Information Assurance, Cyber Security and security architecture in a senior, largely autonomous role. This is a mission-critical position on one of the UK's most significant Land defence programmes.

Working Patterns and location: Hybrid – 3/4 days on site per week

The Key Responsibilities of a Security Architect:

• Develop and manage security architecture specifications, threat models, standards and roadmaps.
• Apply Secure by Design principles across collective training and deployed IT environments.
• Lead security engagement with senior internal and external stakeholders, including the British Army.
• Capture, analyse and decompose complex security requirements across the programme lifecycle.
• Drive security technology evaluations, proof-of-concepts and risk assessments.
• Embed security controls within wider system architectures through close collaboration with fellow architects.
• Support development of Risk Management Framework documentation and security assurance activities.
• Advise leadership on cybersecurity risks, emerging technologies and strategic security direction.

Key Skills required for a Security Architect:

• Proven experience in security architecture design across complex IT or defence environments.
• Strong knowledge of Information Assurance, Cyber Security and threat modelling methodologies.
• Working knowledge of MoD or Government IT security at SECRET classification and above.
• Knowledge of Enterprise Architecture frameworks such as TOGAF or MODAF.
• Experience formulating, recording and managing security risk using recognised risk methodologies.
• Understanding of Secure by Design principles and their application across a programme lifecycle.
• Ability to communicate complex security risk clearly to both technical and non-technical senior stakeholders.
• Experience leading small teams and operating independently in a senior technical capacity.

Desirable:

• BSc in Information Security or significant commercial experience in a programme security environment.
• Professional certification in CISSP, CISM, CRISC or CGRC.
• Demonstrable knowledge of Government Standard 007, ISO 27001 and NIST frameworks.
• Experience or knowledge of Cloud security architecture across one or more major Cloud providers.
• Experience with DevSecOps tooling, processes and Supply Chain security management.
• Problem management and/or ITIL experience, or knowledge of intelligence disciplines such as GEOINT, SIGINT or OSINT.

Our clients Offer:

• 25 days holiday (increasing to 27 days) + statutory public holidays.
• Contributory Pension Scheme (up to 10.5% company contribution).
• 6 times salary 'Life Assurance'.
• Flexible Benefits scheme.
• Discretionary Bonus scheme.
• Enhanced family friendly policies.
• 37hr standard working week, with an early finish on Fridays whilst operating a 'Hybrid Working Model'.
• Canteen facilities are available in some sites.

Our client is committed to providing a diverse and inclusive workplace and welcomes applications from all backgrounds. Part-time opportunities/flexible working is available to suit individual needs.

You will be required to hold a minimum of SC Clearance. If you do not hold an active SC Clearance, please familiarise yourself with the vetting process before applying.