DevOps & Cyber Architect

About Ofcom

As the UK’s communications regulator, we’re delivering vital work that helps keep the UK connected and shapes the future of how we’ll stay connected with each other. Our work covers everything from phones and broadband, through to TV, radio, the postal service, and wireless devices. We’re also taking on the challenge of making the online world a safer place. And we need people of all backgrounds, skill sets, and experiences to help us achieve our goal of making communications work for everyone.

About the Team

This role is part of Ofcom’s Cloud Architecture Team within the ICT department. The team ensures that the technology and security measures are in place to support Ofcom’s mission of making communications work for everyone. The position is vital for securing Ofcom from the increasing and evolving cyber threats. And for ensuring that the tools, technologies and processes available for helping colleagues achieve their objectives.

Purpose of the Role

As a DevOps & Cyber Architect, you will collaborate within a small team to design and integrate DevOps practices into secure technical solutions for colleagues. The focus is on ensuring that security testing, vulnerability assessments, compliance checks and Ofcom standard build practices are integrated throughout without compromising speed, security or agility.

Your key responsibilities:

• Develop and evolve over time, a DevOps strategy in line with business requirements and an ever-changing technology stack. The strategy will include secure software development lifecycle best practices, CI/CD tooling, automation and operational considerations.
• Contribute to the development of architectural standards, patterns, and best practices.
• Contribute to the design and documentation of secure software architectures for new and existing systems.
• Support colleagues in evaluating and integrating technologies, platforms, and frameworks.
• Participate in technical workshops, requirements gathering, and stakeholder meetings.
• Help ensure solutions are scalable, secure, and maintainable.
• Stay current with emerging technologies, especially in software development and cybersecurity.
• Collaborate with technology teams to address software vulnerabilities and implement remediation.
• Support the implementation of secure coding practices and participate in code reviews.

The skills, knowledge and experience you will need for success:

• Experience in software development, systems engineering, or a related field (internships and placements count).
• Proficiency in Python and the package managers pip and Conda.
• Experience with GitHub.
• Knowledge of at least one other programming language (e.g., R, .NET, Java, or C++).
• Knowledge of Node.js.
• Proficiency in using Azure as a cloud provider of IaaS and PaaS systems.
• Proficient in Azure DevOps, specifically build pipelines and Git.
• Understanding software design principles, system integration, and secure coding practices.
• Familiarity with cybersecurity concepts including vulnerability management, software supply chain risk management, modern authentication, authorization, logging, automated monitoring, defence in depth and penetration testing.
• Strong problem-solving and analytical skills.
• Linux administration skills with command line experience.
• Knowledge of Anaconda and Visual Studio Code.
• Experience with toolsets to analyse software to identify open-source components, their versions, licenses, and vulnerabilities e.g. Sonatype.
• Working knowledge of data science, machine learning and statistical analysis methods.
• Familiarity with regulatory standards (e.g., ISO27001) and risk management.

Behavioural Attributes:

• Owning Accountabilities: Take responsibility for your actions, decisions, and their outcomes. Show up reliably and commit to getting the job done.
• Forming Relationships: Build and nurture positive relationships with people inside and outside the organisation.
• Articulating Ideas: Express your ideas, thoughts, and information in a clear and concise manner, ensuring messages are understood by everyone.
• Evaluating Problems: Identify and solve issues by using well-thought-out strategies. Consider different angles and potential solutions to resolve concerns.

Inclusivity Statement

Ofcom has a clear mission: to make communications work for everyone. To be able to deliver on this, we want our organisation to reflect the diversity of background, experience, upbringing and thought that exists across the UK. We aim to recruit from the widest pool of candidates possible – no matter your social background, age, ethnicity, sexual orientation, gender, or disability. We also warmly welcome applicants who are returning to the workforce after a break – for whatever reason. If you have taken time away and are ready to rejoin, we look forward to reviewing your application. Where positions are listed as full-time, we remain open to reduced hours, part-time arrangements, job shares, and other flexible working options. From day one, we champion flexible work arrangements to accommodate individual needs. You can read more about our Rewards, Benefits and Well-being on our careers page. Our recruitment processes prioritise accessibility and inclusivity. If you need adjustments, information in an alternative format, or prefer to apply in a different way, please contact us at resourcing@ofcom.org.uk or call 0330 912 1378. As a Disability Confident Leader, we offer interviews to disabled applicants who meet essential criteria for advertised roles.