Security Architect - Central Govt - 12 Months - Glasgow

Security Architecture & Assurance

• Provide end-to-end security architecture oversight for a major government secure platform.
• Review, challenge, and assure HLDs/LLDs across Windows, Linux, networks, gateways, identity, and virtualisation layers.
• Ensure all change aligns with NCSC guidance, secure-by-design principles, and departmental architecture standards.
• Produce security impact assessments, design notes, and assurance evidence for governance forums.

On-Prem Infrastructure Expertise

• Apply deep hands-on knowledge of Active Directory, Windows Server, Linux, VMware, network segmentation, and secure datacentre patterns.
• Support engineering teams with complex troubleshooting, BAU improvements, and risk-based decision making.
• Validate platform configurations, integrations, and operational control measures.

Operational Security & BAU Support

• Provide pragmatic, risk-aware advice on ongoing platform change and incremental improvements.
• Support the assessment of vulnerabilities, patching, logging improvements, and monitoring enhancements.
• Work closely with operations teams to ensure controls remain effective and maintain audit readiness.

Secure Governance & Compliance

• Participate in technical and security governance forums across the programme.
• Present security positions, risks, and mitigations to senior stakeholders.
• Ensure compliance with internal standards, government security classifications, and protective-monitoring requirements.

Stakeholder Collaboration

• Work closely with engineering, networking, platform operations, commercial, and delivery teams.
• Act as a trusted technical advisor to project leads, assuring that proposed solutions are viable within a high-security ecosystem.
• Foster a collaborative, security-minded culture across the programme.

Design Improvements & Roadmapping

• Identify risks, gaps, and opportunities to improve platform security and performance.
• Recommend upgrades, hardening activities, and architectural improvements.
• Contribute to forward-looking security roadmap discussions.

A central-government client is seeking an experienced Security Architect to provide technical security leadership for a major secure on-premise collaboration platform. This role requires someone who is highly hands-on, deeply familiar with secure infrastructure environments, and confident providing design assurance across Windows, Linux, VMware, Active Directory, networking, and security controls., * Extensive experience as a Security Architect within secure central-government, defence, or national-security environments.

• Strong hands-on experience with on-prem infrastructure:

• Windows Server, Linux, AD, Group Policy
• VMware/vSphere
• Firewalls, gateways, proxies, segmentation
• Secure datacentre networks

• Demonstrable experience performing technical design assurance, reviewing HLDs/LLDs, and challenging engineering decisions.
• Comfortable working in BAU-heavy, Legacy, and constrained secure environments.
• Strong understanding of NCSC good practice, security standards, and protective monitoring.
• Ability to work in a small, deeply technical architecture team with high autonomy.
• Excellent communication skills, able to explain technical risks to non-technical stakeholders.

Desirable

• Experience supporting SECRET-level or above environments.
• Familiarity with secure VDI, Citrix, or hardened desktop platforms.
• Understanding of government security governance (eg, ISRA, RMADS, SysAcc).
• Exposure to cross-government shared services or multi-agency secure platforms.

Clearance Requirements

• Active SC clearance is essential
• Candidates must be eligible and willing to undergo additional security checks (DV highly desirable).
• Applications will be rejected if