Security Architect in Andover

You will join an established architecture capability supporting large, complex public-sector programmes. You will design and assure secure solutions that meet business and technical needs, maintaining architectural integrity and delivering against agreed time, cost and quality outcomes. As the Security Architect, you will ensure that critical services are securely designed and delivered to a high standard. You’ll apply secure-by-design best practice to minimise risk, guide delivery teams, and provide pragmatic security architecture leadership across multiple workstreams.

Key responsibilities

• Collaborate with multi-disciplinary teams to ensure security and architecture are considered throughout the full delivery lifecycle.
• Provide security architecture leadership for moderately complex projects and programmes.
• Develop and maintain security solution architectures aligned to enterprise direction and delivery constraints.
• Understand the client environment, technology ecosystem, interdependencies, and relevant reference architectures.
• Work with stakeholders (including assurance / accreditation functions) to identify security requirements and risks, assess impacts, and assure solution design and build.
• Support scoping, remediation planning, and responses to IT Health Checks (ITHC) and third-party penetration testing.
• Define, document, and communicate security reference architectures for programmes of work.
• Promote secure-by-design principles, contributing to internal standards, policies, patterns, and ways of working.
• Apply architectural principles during solution design to reduce risk and improve resilience.
• Identify and mitigate security threats using recognised threat modelling techniques and best practice methods.
• Ensure adherence to applicable corporate, industry, national, and international security standards.
• Provide guidance, mentoring, and leadership to engineering and architecture teams; help define best practices.
• Support pre-sales activity: contribute to bids/proposals, estimation and planning, client workshops, proofs of concept, and demonstrations.
• Contribute to business development and industry propositions with architecture input.
• Maintain awareness of the evolving security landscape, vulnerabilities, and their impact on proposed/operational solutions.
• Develop specialist knowledge in one or more security architecture domains and share knowledge across the wider practice.

Personal attributes

• Able to work independently and within multi-disciplinary delivery teams.
• Strong communication skills: able to articulate and present architectural options, trade-offs, and risk-based recommendations to a range of stakeholders (including senior audiences).
• Strong consulting capability and stakeholder management skills.
• Customer-focused; able to build trust quickly and operate effectively in client-facing environments.
• Organised, self-starting, adaptable, and able to manage changing priorities.
• Collaborative team player who supports continuous learning and knowledge sharing.

Technologies, methodologies & frameworks

• Relevant industry certifications (one or more), e.g. CISSP, SABSA, CISM, CEH, Microsoft Cybersecurity Architect Expert, AWS Certified Security – Specialty (or equivalent).
• Strong practical experience in threat modelling, risk articulation, and security assurance.
• Deep understanding of security concepts and their application to modern technical solutions.
• Experience with secure architecture patterns, standards, and enabling technologies.
• Knowledge of DevSecOps security toolchains and secure CI/CD practices.
• Experience with Secure Software Development Lifecycle (SSDLC) processes and methodologies.
• Strong understanding of secure handling of personal data and privacy principles (e.g., GDPR).
• Familiarity with solution security best practice such as OWASP and relevant national guidance for cloud security principles.
• Experience working in highly secure / regulated environments.
• Active SC clearance.
• Exposure to enterprise architecture frameworks (e.g., TOGAF, Zachman).
• Experience with architecture modelling tools (e.g., Sparx Enterprise Architect).
• Background delivering within UK public sector or defence programmes.
• Cloud security architecture experience (Azure and/or AWS).
• DevOps and CI/CD tooling and practices.
• Identity & access technologies: SSO, SAML, OAuth2, OpenID Connect, Active Directory, ADFS, LDAP.
• Secure development knowledge (Java and/or .NET) and secure web application/data architecture patterns.
• Experience designing secure solutions across on-prem, hybrid, and cloud hosting models.