Principal Security Architect

Hybrid
Expires: Expiring in less than 3 weeks
IT
Flexible
£63,443 - £86,547 per year

Job summary

Across government, secure architecture has become a critical discipline in ensuring that digital services are resilient, trustworthy and designed to withstand an evolving and increasingly sophisticated threat landscape. As organisations adopt cloud-first strategies, modern development practices and complex supply chains, the need for strong security leadership at the design stage has never been greater. Embedding security from the outset—rather than retrofitting controls—enables organisations to deliver services safely, efficiently and at scale, while maintaining public trust and meeting regulatory obligations.

At Ofgem, secure system design is fundamental to delivering our mission to protect energy consumers and support the transition to a secure, affordable and sustainable energy system. As we continue to expand our digital, data and technology capabilities, it is essential that security is built into every layer of our services and platforms. Within the Digital, Data and Security Services (DDSS) directorate, we are strengthening our security architecture capability to ensure consistent, high-quality, “secure by design” approaches across the organisation.

As a Principal Security Architect, you will provide strategic leadership and deep technical expertise to ensure that Ofgem’s systems, services and programmes are designed and developed in line with security best practice and government standards. You will operate at the highest levels of the organisation, influencing critical architectural decisions and shaping long-term security strategy.

This is a highly influential and technically demanding role, combining expert-level security knowledge with strong leadership, stakeholder engagement and the ability to operate across complex environments. You will act as a trusted advisor, enabling teams to make informed, risk-based decisions while ensuring that security remains a key enabler of business outcomes.

Job description

You will be responsible for:

  • Leading the embedment of secure-by-design principles across application development and digital services, ensuring consistent and effective implementation
  • Providing expert advice and internal consultancy on complex security architecture challenges across multiple projects and technologies
  • Leading security architecture assurance activities, aligned with the Cyber Assessment Framework (CAF) and NCSC guidance
  • Influencing strategic and architectural decisions, working closely with senior stakeholders across Ofgem and wider government
  • Developing and shaping long-term security architecture strategies, principles and standards across the organisation
  • Leading the secure development lifecycle, ensuring appropriate tooling, practices and capabilities are in place across engineering teams
  • Overseeing application resilience and security posture across the IT estate, reviewing security reports and driving improvements
  • Providing thought leadership on security tooling, including static and dynamic analysis, and embedding these into delivery pipelines
  • Managing and maintaining risk registers, ensuring risks to security, privacy and resilience are understood, managed and reduced in line with organisational risk appetite
  • Leading the assurance of security architecture artefacts for projects and guiding teams through secure delivery practices
  • Managing third-party relationships and ensuring that security requirements are effectively embedded into contracts and supplier deliverables
  • Supporting governance and reporting through forums such as Technical Design Authority, providing clear insight into security performance and risks

We are looking for:

A highly experienced security architect with expert-level knowledge of security architecture, secure design and secure development practices. You will have a strong track record of leading on complex security challenges and influencing architectural decisions at an organisational level.

You will bring deep technical expertise across IT infrastructure, software development and modern architectures (such as cloud and microservices), along with experience of applying security principles to real-world, complex systems. Your ability to translate business needs into secure, scalable architectural solutions will be key to success in this role.

You will have extensive experience of engaging, advising and influencing stakeholders at all levels, including senior leadership, and be confident communicating complex security concepts in a clear and accessible way. Your ability to build trust and credibility will enable you to drive change and embed best practice across teams.

You will also demonstrate strong experience in risk management, including developing pragmatic approaches to assessing and mitigating security, privacy and resilience risks. Your experience of delivering strategic plans, managing change and tracking benefits will support the organisation in achieving measurable improvements in its security posture.

Professional accreditation such as CISSP, Chartered status via the UK Cyber Security Council, or equivalent will support your credibility. Experience of working across government or within complex, regulated environments, as well as developing security strategies or business cases for change, would be highly beneficial.

Why join Ofgem?

This is an opportunity to play a critical leadership role in shaping how security is designed and delivered across a nationally significant organisation. Your work will directly support Ofgem’s ability to deliver secure, resilient and innovative services, helping to protect consumers and enable the UK’s transition to a Net Zero energy system—at a time when secure digital transformation has never been more important.

Person specification

Essential Criteria

  • Expert-level leadership in security architecture and secure design implementation across complex enterprise environments (Lead Criteria)
  • Demonstrable experience leading security design and assurance within cloud (Azure) and hybrid digital transformations (Lead Criteria)
  • Demonstrable experience leading a small security architecture team.
  • Proficiency in architectural modelling tools such as Archi, and frameworks such as ArchiMate, UML or equivalent, with the ability to create and maintain architectural artefacts.
  • Expert in embedding secure design and development principles within digital delivery.

Holds or can obtain the following certifications or equivalent within 6 months:

  • Professional certifications such as CISSP, CCSP, SABSA or equivalent.
  • Formal Architectural Qualification such as BCS EA Certification or equivalent
  • Cloud Architecture Certification: Microsoft Azure Solution Architect (Expert).

Desirable Criteria

  • Experience collaborating with NCSC or cross-government secure design forums.
  • Demonstrable understanding of EA frameworks such as TOGAF, Zachman

Behaviours

We'll assess you against these behaviours during the selection process:

  • Seeing the Big Picture
  • Communicating and Influencing
  • Working Together

Technical skills

We'll assess you against these technical skills during the selection process:

  • You will also be asked to prepare a presentation. Full details of the presentation will be included in the invitation to interview.

Benefits

Alongside your salary of £63,443, Ofgem contributes £18,379 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. Ofgem can offer you a comprehensive and competitive benefits package which includes: 30 days annual leave after 2 years; excellent training and development opportunities; the opportunity to join the generous Civil Service pension, which also includes a valuable range of benefits; hybrid working (currently 1 day a week in the office but this is kept under review), flexible working hours and family friendly policies. Plus lots of other benefits including clean and bright offices based centrally, engaged networks and teams and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Selection process details

This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.

When you press the ‘Apply now’ button, you will be asked to complete personal details (not seen by the sift panel), your career history and qualifications.

You will then be asked to provide a 1250 word ‘personal statement’ evidencing how you meet the essential and desirable skills and capabilities listed in the role profile. Please ensure you demonstrate clearly, within your supporting statement, how you meet each of the criteria listed in the role profile.

The Civil Service values honesty and integrity and expects all candidates to abide by these principles. You must ensure that any evidence submitted as part of your application or used during interview, including your CV and any statements or examples, is truthful and factually accurate. Ofgem takes any incidents of cheating very seriously. Please ensure all examples provided are of your own experience. Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant applications will be withdrawn from the process. Please note that plagiarism can include presenting the ideas and experiences of others, or generated by artificial intelligence, as your own.

Please refer to Civil Service candidate advice on the acceptable use of artificial intelligence within the recruitment and selection process: Artificial intelligence and recruitment, Civil Service Careers.

The personal information we have collected from you will be shared with Cifas who will use it to prevent fraud, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct. If any of these are detected, you could be refused certain services or employment. Your personal information will also be used to verify your identity. Further details of how your information will be used by us and Cifas, and your data protection rights, can be found at https://www.cifas.org.uk/fpn.



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check.

See our vetting charter. People working with government assets must complete baseline personnel security standard checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles. The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attracting, retaining and investing in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.

Apply and further information

This vacancy is part of the Great Place to Work for Veterans initiative. The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment. Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact:

Recruitment team

Further information

Appointment to the Civil Service is governed by the Civil Service Commission’s Recruitment Principles. You have the right to complain if you feel there has been a breach of these Recruitment Principles.

In the first instance, you should raise the matter directly via recruitment@ofgem.gov.uk. If you are not satisfied with the response, you may bring your complaint to the Commission. For further information on bringing a complaint to the Civil Service Commission, please visit their website.

Attachments

  • DDSS Role Profile Principal Security Architect (3) (pdf, 137kB)
  • DDSS Candidate Pack, Principal Security Architect (1) (pdf, 1702kB)
  • Terms and Conditions (pdf, 335kB)
