Senior Cyber Security Architect

Description:

We require a Senior Cyber Security Architect to support our customer projects within Civil & Devolved Government and Energy (DG&E) divisions in the UK. You must be based in the UK with the ability to hold SC Clearance or above, and you may need to apply for additional personnel security clearances. We are seeking individuals who can join a high-performing team and confidently design and assure robust security architectures for our customers, delivering high assurance with minimal friction. The focus is on simple, effective security that our customers value.

The role will support the delivery of secure, efficiently managed technical architectures for sensitive programmes. You will engage with third parties and customers, establishing and supporting ongoing growth. The position offers diversity in day-to-day activities and requires flexible operating parameters to support service in an agile environment, along with strong scheduling and prioritisation skills.

Are you ready for your next challenge? 

The successful candidate will be expected to lead the design and assurance of secure architectures across multiple programme environments, most of which are in the cloud (AWS, Azure & Oracle), and offer expert guidance on security best practices. The ideal candidate will support the wider Leidos security capability, collaborating with a talented and multi-faceted cyber team across our UK business, delivering on customer commitments, and seeking opportunities to embed security by design.

Responsibilities

Lead the design, implementation, and assurance of cybersecurity architectures for the protection of programme data, systems, and networks.
Provide expert guidance on security architecture and design patterns for cloud and hybrid environments.
Conduct risk assessments, threat modelling, and develop mitigation strategies for new and existing solutions.
Ensure that data and infrastructure are protected by embedding appropriate security controls into architectural designs.
Produce and maintain architectural documentation, reporting, and communication with relevant stakeholders.
Embed the existing Security Architecture Framework and associated assurance approach into delivery to maintain overall (build) assurance of system and service security.
Lead the delivery and assurance of security requirements as part of new demands, ensuring requirements are captured, traced, and assured through design, delivery, and service transition.
Support the customers in the development of Zero Trust Network Architecture (ZTNA) strategies, including a roadmap to achieve target-state capabilities.
Lead security design and security requirements for Microsoft Entra ID, supporting current and shaping the future IDAM strategy and roadmaps.
Lead the Security Architecture Forums, driving decisions, actions, and architectural governance outcomes for customer programmes.
Lead engagement with the broader architect community to embed security-by-design into IT Governance, Technical Design Authority (TDA) processes.
Where required (e.g., changing threat landscape or regulatory requirements), lead the development and implementation of security policies and supporting standards to ensure systems stay secure and compliant.

Candidate Information

British – Many of our projects have nationality restrictions.
SC cleared (Or Eligible to undergo SC Vetting) – many of our projects have nationality restrictions.

Education/Experience

Experience in a security architecture or senior security engineering role.
Experience in a technical leadership or architecture-focused position.
Relevant security architecture certifications (e.g., SABSA, TOGAF, CISSP-ISSAP, Microsoft Certified: Cybersecurity Architect Expert, AWS Certified Security – Specialty, or similar) are an advantage.

Essential Process Skills/Experience

Excellent verbal and written communication skills; works well in a team environment.
Experience of the IT systems engineering and architecture lifecycle.
Understanding of the controlling processes for the systems engineering lifecycle (e.g., requirements management, configuration management, testing and assurance) and where security architecture fits into these.
Familiarity with different lifecycles/methodologies (waterfall, incremental, agile, DevOps).
Solid understanding of Confidentiality, Integrity, and Availability (CIA) and practical experience in applying that understanding in architectural delivery.
Experience designing secure solutions for sensitive environments.
Understanding of service operations and security operational management planning.
Awareness of Security Frameworks such as ISO 27001, ISO 27002, NIST, and NCSC Cloud Security Principles.
Experience mentoring and acting in a team lead or senior role, supporting junior members of the team. Experience working on accredited security solutions in sensitive government or CNI scenarios.

Desirable Experience

Experience working in both customer delivery and consulting environments.
Experience in SecDevOps, infrastructure as code, or security as code.
Experience working in CNI or Public Sector project environments.
Working within an AGILE environment.
Experience defining and implementing Zero Trust / ZTNA roadmaps and identity security patterns (e.g., Microsoft Entra ID governance and access controls)

Technology Skills/Experience

Deep understanding of network and boundary protection technologies (firewalls, mail gateways, load balancers, anti-virus, IPS, IDS).
Evidence of experience architecting Cloud Security Controls on both Azure and AWS.
Practical experience with Protective Monitoring systems (SIEM/SOC) and the principles of their deployment.
Understanding of authentication and authorisation technologies (SAML, LDAP, PKI, etc.).
Strong grasp of encryption protocols, structures, and their deployment in secure architectures.
Experience defining and implementing security requirements for systems, including:
Microsoft OS
Linux OS
Virtualisation technologies
Networking
Endpoint Security Products
Communication And Soft Skills