Cyber Security Architect

Intellectual Property Office
Duffryn, United Kingdom
14 days ago

Role details

Contract type
Permanent contract
Employment type
Part-time / full-time
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
£ 59K

Job location

Remote
Duffryn, United Kingdom

Tech stack

User Authentication
Computer Security
Identity and Access Management
PCI Data Security Standards

Job description

The Security Architect works closely with the Chief Security Officer, Head of Cyber, Lead Security Architect and the wider security team to develop an IPO vision for security and evolution of the security strategy and supporting roadmaps.

The role of IPO Security Architect is part of the IPO Secure team at the Intellectual Property Office. Playing a key part in an established team, the individual is responsible for ensuring the continued compliance with key security standards, such as PCI, ISO27001, secure by design, GovAssure etc.

It is essential that this role ensures that security architecture alongside compliance are understood and therefore the role will include championing security by design.

The Security Architect is essential in shaping security solutions and controls across multiple platforms (on-premises, cloud, hybrid) providing oversight, support, and advice to enable technical teams to make security decisions.

They ensure that common tools and patterns are used effectively to deliver secure systems, whilst implementing proportionate controls to enable positive business outcomes thereby safeguarding the IPO’s data, essential services and the supporting infrastructure.

They ensure Secure by Design principles are adopted, and coordinate on assurance against the National Cyber Security Centre’s Cyber Assessment Framework with the Government’s GovAssure framework

Working Style

This role will be carried out in-line with IPO Hybrid working arrangements where staff are currently expected to spend at least 20% of their time working onsite from one of our offices. This role is based in our Newport Office.

The requirement for attendance at an office location can vary by role so we would encourage candidates to discuss working arrangements with the recruiting manager to agree a reasonable balance between working from home and the office., Main duties consist of but are not limited to:

  • Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practise (e.g ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design)
  • Support the secure by design champion in building awareness and understanding of secure by design framework across DDaT.
  • Manage the security architecture compliance roadmap, ensuring activities are organised and planned in with relevant teams in an efficient manner, ensuring it aligns closely with the IPO Secure Team’s strategic direction and any recommendations from audits
  • Continuously keep up to date with changing compliance legislation and initiatives to assess new opportunities for educating colleagues on relevant security standards.
  • Recommend security controls and identify security solutions that support business objectives.
  • Provide expert security guidance and direction during the design, implementation and use phases of systems, applications and infrastructure.
  • Provide specialist advice and recommendations regarding approaches and technologies across teams and various stakeholders, assessing the risk associated with proposed changes.
  • Inspire and influence others to execute security principles, communicating widely with other stakeholders.
  • Support the GovAssure process by coordinating the collection of evidence, and the submission of GovAssure returns to Cabinet Office.
  • Assist, where necessary, with incident response processes to identify architectural issues and solutions.
  • Proactively engage with internal and external partners, stakeholders and peers to develop your knowledge and inform your decisions
  • You will be expected to carry out any other duties that may reasonably be required in line with your main duties., This post is being advertised to Internal, across Government and external candidates at the same time.

Incomplete and/or late submissions will not be accepted or considered. Feedback will only be provided if you attend an interview or assessment.

We do not routinely reimburse travel expenses for candidates, however if participating in the selection process would cause you undue financial hardship or if it restricts your ability to participate, please contact the recruitment team for more information.

In line with Government guidance, successfully appointed candidates will need to provide documents for our Right to Work checks. Information on this will be sent within the invite to interview text.

If you require a reasonable adjustment at any stage of the recruitment process, then please let the recruitment team know via;recruitment@ipo.gov.uk

In the event of a high volume of applications, the Intellectual Property Office (IPO) reserves the right to raise the minimum qualifying score at sift to manage volumes and ensure a proportionate and fair assessment process.

Please be aware that only one application per candidate is permitted for each recruitment campaign. Multiple applications, including those made using different accounts, may result in your application being withdrawn or rejected at any stage of the process.

For more information on the IPO’s terms and conditions, please review the attached IPO Modernised Terms and Conditions document attached at the bottom of this advert. Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check .

See our vetting charter . People working with government assets must complete baseline personnel security standard (opens in new window) checks., * UK nationals

  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Requirements

Essential Experience

  • Broad technical knowledge, especially around cloud and hybrid technologies.
  • Solid understanding of Governance, Compliance and Risk, and the Confidentiality, Availability, and Integrity (CIA) triad.
  • Solid understanding of security protocols, networking, identity management, authentication, authorisation, and cryptography.
  • Excellent communication and interpersonal skills. Ability to interact with stakeholders of all levels to effectively articulate security controls, solutions, and advice. Capable of switching between technical and non-technical language.
  • Capable of evaluating options and making decisions quickly and effectively.
  • A team player who is enthusiastic about contributing to the overall success of the team and collaborating with stakeholders of all levels.
  • Sense of Urgency – ability to address situations, incidents or tasks proactively and promptly
  • Continually stay abreast of emerging security technologies, threats and trends. Self-motivated to drive their learning needs., * Solid understanding of Governance, Compliance and Risk, and the Confidentiality, Availability, and Integrity (CIA) triad.
  • Solid understanding of security protocols, networking, identity management, authentication, authorisation, and cryptography.
  • Capable of evaluating options and making decisions quickly and effectively.
  • Continually stay abreast of emerging security technologies, threats and trends. Self-motivated to drive their learning needs., Successful candidates must pass a disclosure and barring security check and if successful you must also hold, or be willing to obtain, a higher Security Clearance.

For meaningful checks to be carried out individuals will need to have lived in the UK for a sufficient period of time, depending on the level of clearance, to enable appropriate checks to be carried out and produce a result which provides the required level of assurance. For this role the successful individual will need to have consistently lived in the UK for a minimum 5 years in order to meet the relevant security clearance.

Benefits & conditions

Pulled from the full job description

  • Annual leave

  • Company pension, £47,766 - £58,575 Maximum salary amount includes Recruitment Retention Allowance and Technical Allowances of up to £8,420.Final salary package will be dependent on skills and experience. A Civil Service Pension with an employer contribution of 28.97% GBP, Alongside your salary of £47,766, Intellectual Property Office contributes £13,837 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides .

  • Unlimited Pluralsight video learning access

  • Access to Microsoft’s ESI training suite

  • Hybrid working with no core hours

  • Substantial support for career progression

  • 25 days annual leave moving to 30 days in annual increments

  • You will also get 8 days public leave and 1 day privilege leave

Apply for this position