UK Health Security Agency

Lead Cyber Security Architect

Information:

This job is now closed

Job summary

We are looking for a Lead Security Architect to work within the Cyber Security Architecture Delivery team. It is an exciting, fast-paced role that will drive strategic change across the organisation both in terms of data and analytic capability, and culture.

UKHSA's Cyber Security Architecture Delivery team is responsible for defining cyber security technical standards for the organisation, providing technical guidance and consulting to help service teams to deliver against those standards, and supporting the selection of security tools and technology.

As Lead Security Architect, you will be responsible for overseeing the secure delivery of projects and data platforms; ensuring architectural design reviews (High Level Design HLD/Low Level Design LLD) and threat models are carried out to a high standard.

Main duties of the job

As Lead Security Architect you will:

  • Work closely with security architects, overseeing their work and providing assurance that architectural design reviews and threat models are carried out consistently to the required standard.
  • Ensure the team have the appropriate blueprints, guidance, policies and standards required to complete their work.
  • Develop and communicate meaningful security policies.
  • Identify and promote best practices for multidisciplinary teams to deliver resilient, secure and scalable services.

About us

We pride ourselves as being an employer of choice, where Everyone Matters promoting equality of opportunity to actively encourage applications from everyone, including groups currently underrepresented in our workforce.

UKHSA ethos is to be an inclusive organisation for all our staff and stakeholders. To create, nurture and sustain an inclusive culture, where differences drive innovative solutions to meet the needs of our workforce and wider communities. We do this through celebrating and protecting differences by removing barriers and promoting equity and equality of opportunity for all.

Details

Date posted

16 September 2024

Pay scheme

Other

Salary

£51,824 to £65,089 a year Per annum, pro rata (plus market pay supplement of up to £15,000)

Contract

Permanent

Working pattern

Full-time, Part-time, Job share, Flexible working, Home or remote working

Reference number

919-LT-303679-EXT

Job locations

Any UKHSA site with hybrid/homeworking available

Any UKHSA site with hybrid/homeworking available

E14 4PU


Job description

Job responsibilities

The Cyber Security Architecture Delivery team is a mix of permanent civil servants (two Lead Security Architects and Head of Department) and contract Security Architects (6 to 10).

As Lead Security Architect you will:

  • Work closely with security architects, overseeing their work and providing assurance that architectural design reviews and threat models are carried out consistently to the required standard.
  • Ensure the team have the appropriate blueprints, guidance, policies and standards required to complete their work.
  • Take a risk based and outcome driven approach to secure architecture.
  • Develop and communicate meaningful security policies.
  • Identify and promote best practices for multidisciplinary teams to deliver resilient, secure and scalable services.
  • Identify, own, and respond to security risks and issues as they arise.
  • Cultivate and maintain relationships with other security teams within UKHSA, Cabinet Office, NCSC and the rest of government.

Essential criteria

  • Can demonstrate cyber security knowledge in a previous hands-on role.
  • Have experience of security management and information assurance practices.
  • Can demonstrate a sound understanding of how to securely architect a cloud infrastructure (Saas, Paas and IaaS) environment.
  • Understands security end-to-end, from security considerations in the design of services, through to architecture reviews, threat modelling, controls and remediation.
  • Builds strong relationships and communicates effectively with senior stakeholders and colleagues, ensuring that security considerations are well accounted for and built into ways of working.

Desirable criteria

  • Experience of working within big transformational programmes of work.
  • Experience with modern software engineering practices.

Selection Process

Stage 1: Application & Sift

You will be required to complete an application form. You will be assessed on the 5 essential criteria listed, and this will be in the form of :

  • a CV/ Application form (Employer/ Activity history section on the application)
  • a 500 word Statement of Suitability

This should outline how your skills, experience and knowledge provide evidence of your suitability for the role, with reference to the essential criteria. The CV and Statement of Suitability will be marked together.

In the event of a large number of applications we will longlist.

In the event of a large number of applications we will shortlist on the essential criteria of:

  • Can demonstrate cyber security knowledge in a previous hands-on role

Unfortunately, late applications will not be considered.

If you are successful at this stage, you will progress to interview & assessment

Please do not exceed 500 words. We will not consider any words over and above this number.Feedback will not be provided at this stage.

Stage 2: Interview (Success Profiles)

You will be invited to a (single) remote interview.Behaviours, technical, experience, abilities and strengths will be tested at interview.There will be a technical test and assessment.

The Behaviours tested during the interview stage will be

Delivering at Pace (lead behaviour) Making Effective Decisions Leadership Communicating and Influencing

Interview dates to be confirmed.

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Eligibility Criteria

External:Open to all external applicants (anyone) from outside the Civil Service (including by definition internal applicants). Security Clearance Level Requirement

Successful candidates must pass a disclosure and barring security check.

Successful candidates must meet the security requirements before they can be appointed: Security Check (SC) willingness and capability to obtain this.For meaningful National Security Vetting checks to be carried out individuals need to have lived in the UK for a sufficient period of time. You should normally have been resident in the United Kingdom for the last 5 years as the role requires Security Check (SC) clearance. UK residency less than the outlined periods may not necessarily bar you from gaining national security vetting and applicants should contact the Vacancy Holder / Recruiting Manager listed in the advert for further advice.

Job description

Job responsibilities

The Cyber Security Architecture Delivery team is a mix of permanent civil servants (two Lead Security Architects and Head of Department) and contract Security Architects (6 to 10).

As Lead Security Architect you will:

  • Work closely with security architects, overseeing their work and providing assurance that architectural design reviews and threat models are carried out consistently to the required standard.
  • Ensure the team have the appropriate blueprints, guidance, policies and standards required to complete their work.
  • Take a risk based and outcome driven approach to secure architecture.
  • Develop and communicate meaningful security policies.
  • Identify and promote best practices for multidisciplinary teams to deliver resilient, secure and scalable services.
  • Identify, own, and respond to security risks and issues as they arise.
  • Cultivate and maintain relationships with other security teams within UKHSA, Cabinet Office, NCSC and the rest of government.

Essential criteria

  • Can demonstrate cyber security knowledge in a previous hands-on role.
  • Have experience of security management and information assurance practices.
  • Can demonstrate a sound understanding of how to securely architect a cloud infrastructure (Saas, Paas and IaaS) environment.
  • Understands security end-to-end, from security considerations in the design of services, through to architecture reviews, threat modelling, controls and remediation.
  • Builds strong relationships and communicates effectively with senior stakeholders and colleagues, ensuring that security considerations are well accounted for and built into ways of working.

Desirable criteria

  • Experience of working within big transformational programmes of work.
  • Experience with modern software engineering practices.

Selection Process

Stage 1: Application & Sift

You will be required to complete an application form. You will be assessed on the 5 essential criteria listed, and this will be in the form of :

  • a CV/ Application form (Employer/ Activity history section on the application)
  • a 500 word Statement of Suitability

This should outline how your skills, experience and knowledge provide evidence of your suitability for the role, with reference to the essential criteria. The CV and Statement of Suitability will be marked together.

In the event of a large number of applications we will longlist.

In the event of a large number of applications we will shortlist on the essential criteria of:

  • Can demonstrate cyber security knowledge in a previous hands-on role

Unfortunately, late applications will not be considered.

If you are successful at this stage, you will progress to interview & assessment

Please do not exceed 500 words. We will not consider any words over and above this number.Feedback will not be provided at this stage.

Stage 2: Interview (Success Profiles)

You will be invited to a (single) remote interview.Behaviours, technical, experience, abilities and strengths will be tested at interview.There will be a technical test and assessment.

The Behaviours tested during the interview stage will be

Delivering at Pace (lead behaviour) Making Effective Decisions Leadership Communicating and Influencing

Interview dates to be confirmed.

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Eligibility Criteria

External:Open to all external applicants (anyone) from outside the Civil Service (including by definition internal applicants). Security Clearance Level Requirement

Successful candidates must pass a disclosure and barring security check.

Successful candidates must meet the security requirements before they can be appointed: Security Check (SC) willingness and capability to obtain this.For meaningful National Security Vetting checks to be carried out individuals need to have lived in the UK for a sufficient period of time. You should normally have been resident in the United Kingdom for the last 5 years as the role requires Security Check (SC) clearance. UK residency less than the outlined periods may not necessarily bar you from gaining national security vetting and applicants should contact the Vacancy Holder / Recruiting Manager listed in the advert for further advice.

Person Specification

CV and Statement of Suitability

Essential

  • CV and Statement of Suitability

Behaviours

Essential

  • Delivering at Pace (Lead Behaviour)
  • Making Effective Decisions
  • Leadership
  • Communicating and Influencing
Person Specification

CV and Statement of Suitability

Essential

  • CV and Statement of Suitability

Behaviours

Essential

  • Delivering at Pace (Lead Behaviour)
  • Making Effective Decisions
  • Leadership
  • Communicating and Influencing

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

UK Health Security Agency

Address

Any UKHSA site with hybrid/homeworking available

Any UKHSA site with hybrid/homeworking available

E14 4PU


Employer's website

https://www.gov.uk/government/organisations/uk-health-security-agency (Opens in a new tab)

Employer details

Employer name

UK Health Security Agency

Address

Any UKHSA site with hybrid/homeworking available

Any UKHSA site with hybrid/homeworking available

E14 4PU


Employer's website

https://www.gov.uk/government/organisations/uk-health-security-agency (Opens in a new tab)

Employer contact details

For questions about the job, contact:

Resourcing Support Officer

Lisa Tweedie

Recruitment@ukhsa.gov.uk

Details

Date posted

16 September 2024

Pay scheme

Other

Salary

£51,824 to £65,089 a year Per annum, pro rata (plus market pay supplement of up to £15,000)

Contract

Permanent

Working pattern

Full-time, Part-time, Job share, Flexible working, Home or remote working

Reference number

919-LT-303679-EXT

Job locations

Any UKHSA site with hybrid/homeworking available

Any UKHSA site with hybrid/homeworking available

E14 4PU


Supporting documents

Privacy notice

UK Health Security Agency's privacy notice (opens in a new tab)