Lead Cyber Security Architect

Job summary

The Department for Business and Trade (DBT) has a clear mission - to grow the economy. Our role is to help businesses invest, grow and export to create jobs and opportunities right across the country. We do this in three ways.

Firstly, we help to build a strong, competitive business environment, where consumers are protected and companies rewarded for treating their employees properly.

Secondly, we open international markets and ensure resilient supply chains. This can be through Free Trade Agreements, trade facilitation and multilateral agreements.

Finally, we work in partnership with businesses every day, providing advance, finance and deal-making support to those looking to start up, invest, export and grow.

The Digital, Data and Technology (DDaT) directorate develops and operates tools and services to support us in this mission. The team have been nominated four times in a row for ‘Best Public Sector Employer’ at the Women in Tech awards and won the award in 2025!

Job description

In DBT our Lead Security Architects are responsible for delivering the secure design and development of solutions within the department. They will support the Principal Security Architects and stakeholders in the security engagement for all projects ensuring that the department’s security design standards are adhered to through operational involvement.

This challenging role incorporates aspects of security architecture, cyber risk management and cyber security policy. You will collaborate with the Principal Security Architect and across DBT to identify new opportunities for exploiting emerging technologies and support the development of architectures, patterns and approaches to support their safe use in accordance with the department’s risk appetites. At all times your goal is to help ensure delivery of systems that meet the desired business outcomes with security decisions and controls being proportionate to the risk appetite.

You will build effective partnerships with diverse teams across multiple locations and technologies and effectively communicate security and risk implications across technical and non-technical stakeholders. You will manage other Security Architects as we grow the team, covering critical review architecture referencing National Cyber Security Centre (NCSC) guidelines and to guide and mentor others throughout DBT on all aspects of security architecture and best practice.

Main responsibilities

You will:

• Interact with senior stakeholders across DBT
• Reach and influence a wide range of people across larger teams and communities
• Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions
• Develop vision, principles and strategy for security architects for projects or technologies
• Work out subtle security needs
• Understand the impact of decisions, balancing requirements and deciding between approaches
• Produce patterns and support quality assurance
• Support the technical design of systems and services

Person specification

It is essential that you have:

• Proficiency in applying security concepts to a technical level, including working with security tools, network security infrastructure technologies, and information security management frameworks (e.g., ISO 27001, NIST) (Lead Criteria)
• Hands-on experience in supporting and evaluating the secure high-level and low-level design of major products, services, and complex solutions, with the ability to review secure system architectures through the development of patterns and principles
• Experience guiding effective decisions on risks, based on information assurance risk assessment methodology, with clear documentation and decision-making
• Strong understanding of NCSC information security guidance and architecture patterns alongside familiarity with architecture methodologies such as SABSA and TOGAF
• Excellent communication skills, with the ability to apply security concepts to a technical level and effectively translate and communicate security and risk implications across technical and non-technical stakeholders

It is desirable that you have:

• Knowledge of Secure by Design principles
• Experience with penetration testing and the ability to effectively translate cyber risk analysis into standards, patterns, and approaches to enable the safe exploitation of current and emerging technologies

Behaviours

We'll assess you against these behaviours during the selection process:

• Seeing the Big Picture

Technical skills

We'll assess you against these technical skills during the selection process:

• Analysis
• Communication (security architect)
• Designing secure systems
• Enabling and informing risk-based decisions
• Research and innovation
• Security technology
• Understanding security implications of transformation

Benefits

• Learning and development tailored to your role
• A flexible, hybrid working environment with options like condensed hours
• A culture encouraging inclusion and diversity
• A Civil Service pension with an average employer contribution of 28.97%
• Annual leave starting at 25 days rising to 30 days with service
• Three paid volunteering days a year
• An employee benefits programme including cycle to work

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

As part of the application process you will be asked to upload a two-page CV and complete a 750-word personal statement outlining how you meet the essential skills and experience listed above. You can use bullet points and subheadings if you prefer.

Sift will be from 25th February 2026

Interviews will be from 9th March 2026

Please note these dates are indicative and may be subject to change.

If there is a high volume of applications, we will sift looking at the lead criteria ‘Proficiency in applying security concepts to a technical level, including working with security tools, network security infrastructure technologies, and information security management frameworks (e.g., ISO 27001, NIST)’ only. You may then be progressed to full sift or straight to interview.

How we interview

At the interview stage for this role, you will be asked to demonstrate relevant Technical Skills and Behaviours from the Success Profiles framework. These are role specific and in line with the Government Security Profession Career Framework.

You will also be asked to deliver a presentation and will be informed on the topic following the sift.

How we offer

Offers will be made in merit order based on location preferences. If you pass the bar at interview but are not the highest scoring you will be held on a 12-month reserve list in case a role becomes available. If you are judged a near miss at interview, you may be offered a post at the grade below the one you applied for.

This role requires SC clearance. DBT’s requirement for SC clearance is to have been present in the UK for at least 3 of the last 5 years. Failure to meet this requirement will result in your application being rejected and your offer will be withdrawn.

Checks will also be made against:

• departmental or company records (personnel files, staff reports, sick leave reports and security records)
• UK criminal records covering both spent and unspent criminal records
• your credit and financial history with a credit reference agency
• security services record
• location details

More about us

This role can only be worked from within the UK, not overseas. If you are based in London, you will receive London weighting. DBT employees work in a hybrid pattern, spending 2-3 days a week (pro rata) in the office on average. Travel to your primary office location will not be paid for by DBT, but costs for travel to an office which is not your main location will be covered.

You can find out more about our office locations, how we calculate salaries, our diversity statement and reasonable adjustments, the Recruitment Principles, the Civil Service code and our complaints procedure in the candidate pack attached to this advert.

Find out more about life at DBT, our benefits and meet the team by watching our video or reading our blog!

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see theCivil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Apply and further information

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : DDaT Recruitment
• Email : Ddat.recruitment@businessandtrade.gov.uk

Recruitment team

• Email : Ddat.recruitment@businessandtrade.gov.uk

Further information

Our recruitment process is underpinned by the principle of appointment on the basis of fair and open competition and appointment on merit, as outlined in the Civil Service Commissioners’ Recruitment Principles. If you feel your application has not been treated in accordance with these principles and you wish to make a complaint, you should in the first instance contact DBT by email at Resourcing@trade.gov.uk. If you are not satisfied with the response you receive, you can contact the Civil Service Commission, which regulates all Civil Service recruitment. For further information on bringing a complaint to the Civil Service Commission please visit their web pages: Civil Service Commission Complaints

Attachments

DDaT Candidate Pack Opens in new window (pdf, 506kB)