Lead Security Architect

Here at the Ministry of Housing and Local Communities (MHCLG), we work on things that make a real difference to people's lives. Whether it's through the homes we live in, the work of our local councils, or the communities we're all a part of, our work is at the top of the political agenda. We have ambitious and far-reaching outcomes to achieve this year and, if you're thinking of joining us, there's never been a more exciting time. We have circa 3,500 staff who are based in 20 offices across the UK. We are looking for a highly skilled Lead Security Architect to shape and deliver our organisation's security architecture strategy. You will ensure our digital and cloud services are secure, resilient, and aligned with government standards, working across Azure and AWS environments. As a Lead Security Architect, you will: Set security architecture direction, standards and governance approach. Set direction and contribute to, as well as create, reusable cloud design patterns that embed security standards and controls, while providing expert security architecture guidance and advice. Collaborate with Enterprise Architects, Platform Architects, and Cyber Security teams. Embed secure by design principals across programmes and projects. Conduct design reviews for projects and platform teams artefacts ensuring alignment with security best practices, standards and policies. You will enable teams to deliver secure, innovative digital services at scale, balancing risk and compliance with modern technology solutions. Find out more about our Digital teams and what they are working on through our . Please note that MHCLG do not offer visa sponsorship and applicants will need a valid visa for the duration of your employment., As a Lead Security Architect, you'll:

• Lead the design and assurance of secure system architectures, defining reusable patterns, principles, and guardrails for complex cloud and network services in collaboration with Enterprise Architects

• Act as a trusted technical advisor to product, cyber, architecture, and engineering teams, enabling the delivery of secure, scalable, cloud hosted service

• Communicate security and risk considerations effectively to both technical and nontechnical stakeholders, aligning expectations and building consensus

• Drive risk based decision making through threat modelling, structured risk assessments, and assurance of major change and transformation initiatives

• Develop, maintain, and embed architectural standards, policies, and models that align with regulatory and organisational requirements

• Ensure services adhere to NCSC and wider government SecurebyDesign principles throughout the delivery lifecycle

• Provide architectural and security guidance, mentoring, and support; foster a culture of collaboration, inclusion, and continuous improvement across engineering and architecture communities

• Contribute to the organisation's future state architecture, including cloud migration strategies and platform modernisation initiatives

• Offer line management, coaching, and thought leadership to build high performing teams and an environment that encourages innovation and professional growth, *Candidates will be asked to prepare a 10-minute presentation, further details will be provided on invitation to interview. Sift and Interview Dates Sifting is envisaged to take place the week commencing 6th April 2026. Interviews are envisaged to take place the week commencing 20th April 2026 and are currently being held remotely via videocall. This could be subject to change. Group 1 Digital & Data Roles MHCLG has implemented the Digital and Data capability framework for Group 1 roles. Applicants that are successful and have been offered a position will be required to complete a capability assessment after the interview. MHCLG will honour completed capability assessments for this role from other Government Departments for existing civil servants on level transfer only.Please provide a copy of your capability assessment to the Hiring Manager when applying. If you have any queries on pay, please contact the Hiring Manager. Each experience or technical skill is assessed between 1-3, representing working towards, at or above the job level requirements. You are awarded a proficiency level accordingly, and you will be given opportunity to annually re assess your capability and potentially increase your overall remuneration, through payment of allowances, depending on level of assessed capability. Candidates moving from another government department have the option to retain their current basic pay if this is within our pay band for the relevant grade. Grade 7 Group 1 Digital and Data salary

• The basic pay for this role will be between £61,745 - £72,112 (London), £56,167 - £66,581 (National). Candidates will usually be recruited to the median of the payscale.

• A digital allowance may also be payable depending on the level of assessed capability, in order to meet the MHCLG overall targeted remuneration rate for the specific grade, location and capability rating.

• For applicants in receipt of existing allowances, we will assess each case individually, but we would seek not to exceed the MHCLG overall targeted remuneration rate for the specific grade, location and capability rating for existing civil servants, the usual policy on level transfer and promotion will apply, subject to the statements above.

How We Recruit .

• Applying
• Sifting
• Interview
• Interview Results & Feedback
• Reserve List
• Near Miss
• Civil Service Grades
• We are a DCS, RIS & GPTWV employer
• Reasonable Adjustments

How to Apply

• Security Clearance Requirements
• Civil Service Nationality Requirements
• Right to Work
• Artificial Intelligence
• Civil Service Code and Recruitment Principles
• CV Declaration
• Sponsorships
• Salary and Grade
• Existing Civil Servants
• Conflict of Interest
• Location and Flexible Working
• Fixed Term Contracts
• Internal Fraud Database -
• Appeals and Complaints
• Conflict of Interest

Security Clearance Requirements National Office: +SC London Office: + SC Feedback will only be provided if you attend an interview or assessment. Security Successful candidates must undergo a criminal record check.Successful candidates must meet the security requirements before they can be appointed. The level of security needed is . .People working with government assets must complete checks. Nationality requirements This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

• Demonstratable track record in designing and assuring secure architectures across premises environments and major cloud platforms (AWS and Azure)
• Strong experience producing enterprise patterns, templates, and reusable architectural designs
• Deep expertise in AWS/Azure security, governance, architecture practices, and crossplatform service design including AIrelated services
• Strong understanding of security in the SDLC (shiftleft), including GitHub, Terraform, Microsoft 365 Defender, Databricks, and Zero Trust
• In depth knowledge of security frameworks and regulatory requirements (GDPR, PCI DSS, etc.)
• Expertise in network security: segmentation, firewalls, VPNs, IDS/IPS
• Familiarity with IAM, SIEM, DLP, encryption, vulnerability management, and SOAR
• Strong understanding of application security for web, APIs, and microservices, including secure coding and threat modelling
• Demonstrated leadership within enterprise architecture; able to set standards and guide teams effectively
• Ability to deliver enterprise architectures and security roadmaps, especially for cloud transformation; strong senior level stakeholder management, * Professional security or cloud security certifications (e.g., CISSP, SABSA, AWS Security Specialty, Microsoft Cybersecurity Architect Expert)
• Experience applying SecurebyDesign and Gov Assure approaches across government or large federated organisations
• Experience in AI security, including emerging model threats, data interaction risks, and appropriate mitigation strategies

Benefits Alongside your salary of £56,167, Ministry of Housing, Communities and Local Government contributes £16,271 towards you being a member of the Civil Service Defined Benefit Pension scheme. At MHCLG we offer many benefits that range from tailored career pathways and flexible working to MyLifestyle Childcare Voucher and Cycle to Work Schemes. For more information, please click . Things you need to know Artificial intelligence Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our for more information on appropriate and inappropriate use. Selection process details Application and Selection The application process will be split into 2 stages, testing the following Success Profiles: Behaviours , Experience , Technical Please ensure your CV does not contain any personally identifiable information. Note: We do not consider direct CV applications. All applications must be submitted via the provided application link. Stage 1: Sift (CV) Experience & Technical: In your CV please describe how you align to the skills and experience listed in the "person specification" section Stage 2: Interview

• Behaviours: "Making Effective Decisions", "Communicating and Influencing", "Delivering at Pace", "Seeing The Big Picture"
• Experience: Experience questions will be based around the essential skills and criteria as listed in the job description.
• Technical: Technical questions will be based around the essential skills and criteria as listed in the job description*