Principal Security Architect in London

Location: London / Glasgow / Cardiff

Security Clearance: Must have current SC

Contract Type: Inside IR35, paid via umbrella £750 - 800 per day, 12 months

About the Organisation

Public‐sector body, their work is central to supporting major national priorities, including the transition to a secure and environmentally responsible future. They are committed to creating an inclusive workplace where colleagues feel valued, supported, and able to contribute fully. Diverse voices and perspectives are key to driving innovation and delivering services that benefit the communities we serve.

They are seeking an expert-level Principal Security Architect to lead the security architecture, strategy, and assurance for a major transformation initiative: the Corporate Systems Refresh (CSR) Programme. You will shape security vision and influence technical and programme outcomes at organisational scale. Acting as a senior advisor, you will ensure systems are designed and delivered in line with security best practice and aligned to national guidance and assurance frameworks. This is a high‐impact role that will steer the security landscape of mission‐critical, enterprise‐level digital services.

Key Responsibilities

• Lead the Security Assurance and Compliance strategy for the CSR Programme.
• Define and drive the security vision, principles and long‐term strategy for systems impacted by the programme.
• Recommend and assure security design for complex or organisational‐level solutions.
• Influence senior stakeholders to guide architectural decisions across technical and business domains.
• Provide expert leadership on security tooling, static/dynamic analysis, and secure lifecycle practices.
• Lead security architecture assurance aligned to NCSC guidance and the Cyber Assurance Framework (CAF).
• Own the CSR Programme Security Architecture, risk register and mitigation strategies.
• Chair the CSR Security Working Group and represent security interests in wider governance forums.
• Support risk reporting, programme delivery planning and security governance activities throughout the lifecycle.

Essential Skills

• Chartered via UKCSC, CISSP, or equivalent.
• Deep technical understanding across IT infrastructure, software engineering, and systems management.
• Experience advising and influencing senior stakeholders on risk, intelligence and security matters.
• Strong background assessing security, privacy and resilience risks, building shared understanding across teams.
• Experience in managing delivery of strategic plans, tracking risk reduction and managing evolving priorities.
• Experience acting as an intelligent customer with 3rd‐party suppliers and negotiating security into contracts.

Desirable Skills

• Experience creating agile, pragmatic strategies for security, privacy and resilience across complex environments.
• Experience analysing and interpreting incidents across multifaceted systems.
• Ability to build business cases articulating the value of security and resilience enhancements.

Skills & Behaviours

• Expert‐level Security Architecture capability, able to design and review complex systems.
• Applied Security Expertise, translating business needs into strategic security decisions.
• Strong understanding of risk management principles and ability to lead structured assessments.
• Ability to interpret threat intelligence and advise stakeholders with clarity.
• Behaviours: Communicating & Influencing, Leadership, Making Effective Decisions.

Please send your CV in word format for the attention of Alison Calder.