Principal Security Architect

Job summary

The Government Digital Service (GDS) is the digital centre of government. We are responsible for setting, leading and delivering the vision for a modern digital government.

Our priorities are to drive a modern digital government, by:

1. joining up public sector services
2. harnessing the power of AI for the public good
3. strengthening and extending our digital and data public infrastructure
4. elevating leadership and investing in talent
5. funding for outcomes and procuring for growth and innovation
6. committing to transparency and driving accountability

We are home to the Incubator for Artificial Intelligence (I.AI), the world-leading GOV.UK and at the forefront of coordinating the UK’s geospatial strategy and activity. We lead the Government Digital and Data function and champion the work of digital teams across government.

We’re part of the Department for Science, Innovation and Technology (DSIT) and employ more than 1,000 people all over the UK, with hubs in Manchester, London and Bristol.

The Government Digital Service is where talent translates into impact. From your first day, you’ll be working with some of the world’s most highly-skilled digital professionals, all contributing their knowledge to make change on a national scale.

Join us for rewarding work that makes a difference across the UK. You'll solve some of the nation’s highest-priority digital challenges, helping millions of people access services they need

Job description

The GOV.UK One Login for Government Programme represents a once in a generation opportunity to simplify and widen access to all digital government services. Sitting at the heart of the government, we are building one simple, safe and secure way for users to log in and prove who they are that will work across all government services.

The GOV.UK One Login programme is full of talented and passionate people who are consistently delivering high quality products for services and individuals. We’re half way through our build phase and features are being shipped almost weekly as we work to mature our product set so that we can expand the range of services and departments benefitting from our work.

Sometimes described as the most strategic programme in government, GOV.UK One Login represents a once in a career opportunity to work on a software product that will be used by the majority of the people living in the UK. It’s a fast paced, dynamic and challenging environment that is sure to offer you career satisfaction as well as a chance to develop and enhance your skills.

If this sounds like the next role for you on your career journey then we’d love to hear from you.

Find out more at the GDS Blog.

One Login is the secure front door for millions accessing digital public services. Given the scale and criticality, security, reliability, and resilience are paramount to our mission. This high-profile role requires an experienced Principal Security Architect and leader with a proven track record of strategic direction and managing security products in a complex environment.

You will be the driving force behind the Security as a Product concept within the One Login system. This involves leading the development, delivery, and continuous improvement of security as an essential, integrated capability across all services. You will seamlessly embed security into systems and operations by collaborating closely with product teams, engineering, architecture, governance, and senior stakeholders. Your mandate will be to manage the entire security product lifecycle, expertly balancing security risks, programme objectives, user needs, and technical constraints.

As a Principal Security Architect, you will be responsible for:

• shaping and delivering the security architecture and roadmap in alignment with the overarching cyber security strategy and wider programme objectives, ensuring security objectives support wider business goals and developing metrics and reporting to demonstrate security posture and maturity
• defining and evolving security architecture capabilities as part of the overall service ecosystem, communicating the value of security to technical and non-technical stakeholders and collaborating with cross-functional teams
• leading cross-functional teams to design and deliver security controls, improvements, and risk mitigation in line with enterprise priorities and compliance requirements
• acting as a trusted advisor to senior management and programme boards, on product security matters, risks, and opportunities
• establishing and overseeing governance frameworks for One Login products and services, and developing reporting and KPIs to demonstrate security posture and maturity
• working with government departments, industry partners, and regulatory bodies to assess and manage shared risks and influence best practices
• ensuring the programme meets stringent public sector security requirements, including those from NCSC CAF, Secure by Design principles, or other applicable frameworks
• working in close collaboration with the Head of Security Operations for One Login and the GDS CISO, take responsibility for embedding a robust security culture across the programme. Act as a champion for security; setting out a vision and strategy with appropriate governance

Person specification

We’re interested in people who:

• have a strong track record of experience in security architecture at a leadership level, ideally for a Critical National Infrastructure (CNI) or comparable risk/profile/impact level product
• are experienced in managing security as a product/service, evolving capabilities over time, and communicating value to both technical and non-technical stakeholders
• are skilled in leading cross-functional teams to deliver security initiatives, controls, and risk mitigations in alignment with enterprise priorities, compliance requirements, and regulatory standards
• have hands-on experience managing security against recognised frameworks (e.g., NCSC CAF) and driving continuous improvement through assessment and assurance processes
• are a trusted advisor to senior leaders, programme boards, and external partners, with the ability to explain complex security risks and opportunities in a clear and actionable way
• have strong interpersonal skills and ability to work with product, engineering, enterprise architecture, privacy, and operations teams to integrate security seamlessly into service delivery

Benefits

There are many benefits of working at GDS, including:

• flexible hybrid working with flexi-time and the option to work part-time or condensed hours
• a Civil Service Pension with an average employer contribution of 28.97%
• 25 days of annual leave, increasing by a day each year up to a maximum of 30 days
• an extra day off for the King’s birthday
• an in-year bonus scheme to recognise high performance
• career progression and coaching, including a training budget for personal development
• a focus on wellbeing with access to an employee assistance programme
• job satisfaction from making government services easier to use and more inclusive for people across the UK
• advances on pay, including for travel season tickets
• death in service benefits
• cycle to work scheme and facilities
• access to an employee discounts scheme
• 10 learning days per year
• volunteering opportunities (5 special leave days per year)
• access to a suite of learning activities through Civil Service learning

Any move to Government Digital Service from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk

Office attendance
The Department operates a discretionary hybrid working policy, which provides for a combination of working hours from your place of work and from your home in the UK. The current expectation for staff is to attend the office or non-home based location for 40-60% of the time over the accounting period.
DSIT does not normally offer full home working (i.e. working at home); but we do offer a variety of flexible working options (including occasionally working from home).

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.

Selection process details

The standard selection process for roles at GDS consists of:

• a simple application screening process - We only ask for a CV and cover letter of up to 750 words. Important tip - please ensure that your cover letter includes how you meet the skills and experience listed in the “person specification” section above
• a 60 minute video interview

Depending on how many applications we get, there might also be an extra stage before the video interview, for example a phone interview or a technical exercise.

In the event we receive a high volume of applications, we will conduct the initial sift against the lead criteria which is:

• have a strong track record of experience in security architecture at a leadership level, ideally for a Critical National Infrastructure (CNI) or comparable risk/profile/impact level product

In the Civil Service, we use Success Profiles to evaluate your skills and ability. This gives us the best possible chance of finding the right person for the job, increases performance and improves diversity and inclusivity. We’ll be assessing your technical abilities, skills, experience and behaviours that are relevant to this role.

For this role we’ll be assessing you against the following Civil Service Behaviours:

• changing and improving
• making effective decisions
• leadership
• communicating and influencing

We’ll also be assessing your experience and specialist technical skills against the following skills defined in the Government Digital and Data Capability Framework for the Principal Security Architect role:

• Designing secure systems
• Enabling and informing risk-based decisions
• Research and innovation
• Security technology
• Understanding security implications of transformation
  

Want to know more about who Government Digital and Data are? Click Here

Recruitment Timeline

Sift completion: Friday 13th March 2026

Panel interviews: Starting week commencing Monday 23rd March 2026

Candidates that do not pass the interview but have demonstrated an acceptable standard may be considered for similar roles at a lower grade.

A reserve list will be held for a period of 12 months, from which further appointments can be made.

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

Please note that this role requires SC clearance, which would normally need 5 years’ UK residency in the past 5 years. This is not an absolute requirement, but supplementary checks may be needed where individuals have not lived in the UK for that period. This may mean your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.

For meaningful checks to be carried out, you will need to have lived in the UK for a sufficient period of time, to enable appropriate checks to be carried out and produce a result which provides the required level of assurance. Whilst a lack of UK residency in itself is not necessarily a bar to a security clearance, and expectation of UK residency may range from 3 to 5 years. Failure to meet the residency requirements needed for the role may result in the withdrawal of provisional jobs offers.

Sponsorship

DSIT cannot offer Visa sponsorship to candidates through this campaign. DSIT holds a Visa sponsorship licence but this can only be used for certain roles and this campaign does not qualify.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see theCivil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Apply and further information

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : gdsrecruitment@dsit.gov.uk
• Email : gdsrecruitment@dsit.gov.uk

Recruitment team

• Email : gdsrecruitment@dsit.gov.uk

Further information

If you feel your application has not been treated in accordance with the Recruitment Principles and you wish to make a complaint, you should contact gds-complaints@dsit.gov.uk in the first instance.

If you are not satisfied with the response you receive you can contact the Civil Service Commission by email: info@csc.gov.uk Or in writing: Civil Service Commission, Room G/8 1 Horse Guards Road, London, SW1A 2HQ.