Cyber Security Architect in Hampshire

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainably. Our Mission, Vision, and Values guide the way we do business.

We are seeking a Senior Cyber Security Architect to support customer projects within Civil & Devolved Government and Energy (DG&E) divisions in the UK. You must be based in the UK with the ability to hold SC Clearance or above, and you may need to apply for additional personnel security clearances. You will design and assure robust security architectures for customers, delivering high assurance with minimal friction, focusing on simple, effective security that customers value. The role supports secure, efficiently managed technical architectures for sensitive programmes. You will engage with third parties and customers, establishing and supporting ongoing growth. The role requires flexibility to operate in an agile environment with strong scheduling and prioritisation skills.

Responsibilities

• Lead the design, implementation, and assurance of cybersecurity architectures for the protection of programme data, systems, and networks.
• Provide expert guidance on security architecture and design patterns for cloud and hybrid environments.
• Conduct risk assessments, threat modelling, and develop mitigation strategies for new and existing solutions.
• Embed security controls into architectural designs to protect data and infrastructure.
• Produce and maintain architectural documentation, reporting, and communication with relevant stakeholders.
• Embed the Security Architecture Framework and assurance approaches into delivery to maintain build assurance of system and service security.
• Lead the delivery and assurance of security requirements from design through service transition.
• Support customers in developing Zero Trust Network Architecture (ZTNA) strategies and roadmaps to target-state capabilities.
• Lead security design and requirements for Microsoft Entra ID, supporting IDAM strategy development.
• Lead Security Architecture Forums, driving governance outcomes for customer programmes.
• Engage with the broader architect community to embed security-by-design into IT Governance and Technical Design Authority processes.
• Develop and implement security policies and standards as required to stay secure and compliant.

Candidate Information

• British – Many projects have nationality restrictions.
• SC cleared (or eligible for SC Vetting) – many projects have nationality restrictions.

Education/Experience

• Experience in a security architecture or senior security engineering role.
• Experience in a technical leadership or architecture-focused position.
• Relevant security architecture certifications (e.g., SABSA, TOGAF, CISSP-ISSAP, Microsoft Certified: Cybersecurity Architect Expert, AWS Certified Security – Specialty, or similar) is an advantage.

Essential Process Skills/Experience

• Excellent verbal and written communication skills; works well in a team environment.
• Experience of the IT systems engineering and architecture lifecycle.
• Understanding of systems engineering lifecycle controls (requirements management, configuration management, testing and assurance) and where security architecture fits.
• Familiarity with lifecycles/methodologies (waterfall, incremental, agile, DevOps).
• Solid understanding of Confidentiality, Integrity, and Availability (CIA) and applying it in architectural delivery.
• Experience designing secure solutions for sensitive environments.
• Understanding of service operations and security operational management planning.
• Awareness of Security Frameworks such as ISO 27001, ISO 27002, NIST, and NCSC Cloud Security Principles.
• Experience mentoring and acting in a team lead or senior role, including work on accredited security solutions in sensitive government or CNI scenarios.

Desirable Experience

• Experience in both customer delivery and consulting environments.
• Experience in SecDevOps, infrastructure as code, or security as code.
• Experience in CNI or Public Sector project environments.
• Experience working in AGILE environments.
• Experience defining and implementing Zero Trust/ZTNA roadmaps and identity security patterns (e.g., Microsoft Entra ID governance and access controls).

Technology Skills/Experience

• Deep understanding of network and boundary protection technologies (firewalls, mail gateways, load balancers, anti-virus, IPS, IDS).
• Experience architecting Cloud Security Controls on Azure and AWS.
• Practical experience with Protective Monitoring systems (SIEM/SOC) and deployment principles.
• Understanding of authentication and authorization technologies (SAML, LDAP, PKI, etc.).
• Strong grasp of encryption protocols and their deployment in secure architectures.
• Experience defining security requirements for systems, including:
• Microsoft OS
• Linux OS
• Virtualisation technologies
• Networking
• Endpoint Security Products

Communication and Soft Skills

• Capable of developing and communicating a vision to meet system and security requirements.
• Ability to communicate complex technical ideas across audiences.
• Commercial awareness and project discipline.

Note: This description reflects the responsibilities and qualifications for the role and does not include non-job content such as promotional material.