Lead Security Architect

Job summary

We are MHCLG

Here at the Ministry of Housing and Local Communities (MHCLG), we work on things that make a real difference to people’s lives. Whether it's through the homes we live in, the work of our local councils, or the communities we’re all a part of, our work is at the top of the political agenda. We have ambitious and far-reaching outcomes to achieve this year and, if you’re thinking of joining us, there’s never been a more exciting time. We have circa 3,500 staff who are based in 20 offices across the UK.

We are looking for a highly skilled Lead Security Architect to shape and deliver our organisation’s security architecture strategy. You will ensure our digital and cloud services are secure, resilient, and aligned with government standards, working across Azure and AWS environments. As a Lead Security Architect, you will: Set security architecture direction, standards and governance approach. Set direction and contribute to, as well as create, reusable cloud design patterns that embed security standards and controls, while providing expert security architecture guidance and advice. Collaborate with Enterprise Architects, Platform Architects, and Cyber Security teams. Embed secure by design principals across programmes and projects. Conduct design reviews for projects and platform teams artefacts ensuring alignment with security best practices, standards and policies.

You will enable teams to deliver secure, innovative digital services at scale, balancing risk and compliance with modern technology solutions.

Find out more about our Digital teams and what they are working on through our MHCLG Digital blog. Please note that MHCLG do not offer visa sponsorship and applicants will need a valid visa for the duration of your employment.

Job description

As a Lead Security Architect, you'll:

• Lead the design and assurance of secure system architectures, defining reusable patterns, principles, and guardrails for complex cloud and network services in collaboration with Enterprise Architects
• Act as a trusted technical advisor to product, cyber, architecture, and engineering teams, enabling the delivery of secure, scalable, cloud hosted service
• Communicate security and risk considerations effectively to both technical and nontechnical stakeholders, aligning expectations and building consensus
• Drive risk based decision making through threat modelling, structured risk assessments, and assurance of major change and transformation initiatives
• Develop, maintain, and embed architectural standards, policies, and models that align with regulatory and organisational requirements
• Ensure services adhere to NCSC and wider government SecurebyDesign principles throughout the delivery lifecycle
• Provide architectural and security guidance, mentoring, and support; foster a culture of collaboration, inclusion, and continuous improvement across engineering and architecture communities
• Contribute to the organisation's future state architecture, including cloud migration strategies and platform modernisation initiatives
• Offer line management, coaching, and thought leadership to build high performing teams and an environment that encourages innovation and professional growth

Person specification

As a Lead Security Architect, you’ll have:

• Demonstratable track record in designing and assuring secure architectures across premises environments and major cloud platforms (AWS and Azure)
• Strong experience producing enterprise patterns, templates, and reusable architectural designs
• Deep expertise in AWS/Azure security, governance, architecture practices, and crossplatform service design including AIrelated services
• Strong understanding of security in the SDLC (shiftleft), including GitHub, Terraform, Microsoft 365 Defender, Databricks, and Zero Trust
• In depth knowledge of security frameworks and regulatory requirements (GDPR, PCI DSS, etc.)
• Expertise in network security: segmentation, firewalls, VPNs, IDS/IPS
• Familiarity with IAM, SIEM, DLP, encryption, vulnerability management, and SOAR
• Strong understanding of application security for web, APIs, and microservices, including secure coding and threat modelling
• Demonstrated leadership within enterprise architecture; able to set standards and guide teams effectively
• Ability to deliver enterprise architectures and security roadmaps, especially for cloud transformation; strong senior level stakeholder management

Desirable Criteria:

• Professional security or cloud security certifications (e.g., CISSP, SABSA, AWS Security Specialty, Microsoft Cybersecurity Architect Expert)
• Experience applying SecurebyDesign and Gov Assure approaches across government or large federated organisations
• Experience in AI security, including emerging model threats, data interaction risks, and appropriate mitigation strategies

Benefits

Alongside your salary of £56,167, Ministry of Housing, Communities and Local Government contributes £16,271 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.At MHCLG we offer many benefits that range from tailored career pathways and flexible working to MyLifestyle Childcare Voucher and Cycle to Work Schemes. For more information, please click here.

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.

Selection process details

Application and Selection

The application process will be split into 2 stages, testing the following Success Profiles:

Behaviours , Experience , Technical

Please ensure your CV does not contain any personally identifiable information.

Note: We do not consider direct CV applications. All applications must be submitted via the provided application link.

Stage 1: Sift (CV)

Experience & Technical: In your CV please describe how you align to the skills and experience listed in the “person specification” section

Stage 2: Interview

• Behaviours: "Making Effective Decisions", "Communicating and Influencing", "Delivering at Pace", "Seeing The Big Picture"
• Experience: Experience questions will be based around the essential skills and criteria as listed in the job description.
• Technical: Technical questions will be based around the essential skills and criteria as listed in the job description*

*Candidates will be asked to prepare a 10-minute presentation, further details will be provided on invitation to interview.

Sift and Interview Dates

Sifting is envisaged to take place the week commencing 6th April 2026.

Interviews are envisaged to take place the week commencing 20th April 2026 and are currently being held remotely via videocall. This could be subject to change.

Group 1 Digital & Data Roles

MHCLG has implemented the Digital and Data capability framework for Group 1 roles. Applicants that are successful and have been offered a position will be required to complete a capability assessment after the interview.

MHCLG will honour completed capability assessments for this role from other Government Departments for existing civil servants on level transfer only.Please provide a copy of your capability assessment to the Hiring Manager when applying. If you have any queries on pay, please contact the Hiring Manager.

Each experience or technical skill is assessed between 1-3, representing working towards, at or above the job level requirements. You are awarded a proficiency level accordingly, and you will be given opportunity to annually re assess your capability and potentially increase your overall remuneration, through payment of allowances, depending on level of assessed capability.

Candidates moving from another government department have the option to retain their current basic pay if this is within our pay band for the relevant grade.

Grade 7 Group 1 Digital and Data salary

• The basic pay for this role will be between £61,745 - £72,112 (London), £56,167 - £66,581 (National). Candidates will usually be recruited to the median of the payscale.
• A digital allowance may also be payable depending on the level of assessed capability, in order to meet the MHCLG overall targeted remuneration rate for the specific grade, location and capability rating.
• For applicants in receipt of existing allowances, we will assess each case individually, but we would seek not to exceed the MHCLG overall targeted remuneration rate for the specific grade, location and capability rating for existing civil servants, the usual policy on level transfer and promotion will apply, subject to the statements above.

How We Recruit

Find out everything you need to know before applying here..

• Applying
• Sifting
• Interview
• Interview Results & Feedback
• Reserve List
• Near Miss
• Civil Service Grades
• We are a DCS, RIS & GPTWV employer
• Reasonable Adjustments

How to Apply

What you need to know before applying.

• Security Clearance Requirements
• Civil Service Nationality Requirements
• Right to Work
• Artificial Intelligence
• Civil Service Code and Recruitment Principles
• CV Declaration
• Sponsorships
• Salary and Grade
• Existing Civil Servants
• Conflict of Interest
• Location and Flexible Working
• Fixed Term Contracts
• Internal Fraud Database - Internal Fraud Register
• Appeals and Complaints
• Conflict of Interest

Security Clearance Requirements

National Office: +SC

London Office: + SC

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see theCivil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Apply and further information

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : Digital data jobs
• Email : Digitaldatajobs@communities.gov.uk

Recruitment team

• Email : Digitaldatajobs@communities.gov.uk