Senior Security Architect

Job summary

Please note this role requires you to pass Security Check clearance. For further information, please see 'Selection process details'.

Do you want to solve large-scale security challenges, designing resilient architectures, leading threat mitigation, and embedding security across modern cloud-native services?

We are looking for a Senior Security Architect who:

• Has proven experience as a Security Architect within complex, large-scale digital or government environments.
• Has a strong understanding of secure-by-design principles, enterprise architecture and cloud-native security.
• Has experience working in agile, multidisciplinary teams delivering user-centric services.
• Has the ability to influence senior stakeholders and communicate complex security concepts clearly.
• Can demonstrate experience of shaping architecture standards, roadmaps and governance frameworks.
• Has a passion for mentoring others and developing organisational capability.

As our Security Architect, you will use your technical knowledge, architecture design knowledge and development skills to help secure services used by millions of people against cyber threats.

DWP is a huge and complex organisation. We have unique architectural and security challenges that you won't find in other roles. The reason for this vacancy is provide a security architect to provide advice and guidance to this team. This role will involve our Corporate Centre Services function.

We also welcome applications from candidates from a range of backgrounds including those with academic, consultancy and military experience, who hold a Certified Information Systems Security Professional (CISSP) certification (or willing to work towards obtaining the qualification), or a Master’s degree in Information Security.

Job description

The Security Architect will provide guidance and advice ranging from scoping IT Health Checks, providing guidance in risk assessment, providing security guidance, checking the cloud posture management platform for vulnerabilities. Projects may involve online identity and verification, telephone based identity and verification.

DWP is looking to provide a strategic platform within the identity and trust team that will allow secure and safe communication for its users with its services.

The team is made up of a number of architects, so relationships will need to be built with other teams, the security community and the design authority. Key responsibilities include:

• Leading the design and delivery of secure architectures, ensuring security controls are embedded from the outset of product development.
• Developing and recommending secure solution options during discovery and inception to inform design decisions.
• Collaborating with Solution Architects and agile teams to produce secure, value-for-money designs aligned to user needs.
• Creating clear security architecture artefacts and documentation to support governance and enable secure engineering practices.
• Ensuring all designs comply with the Digital Blueprint, Enterprise Architecture standards, and agreed product roadmaps.
• Providing expert security guidance across the full product lifecycle, including assurance activities such as control self-assessments.
• Owning and evolving security product roadmaps, contributing to Digital Blueprint improvements and reusable security patterns.
• Build organisational security capability through mentoring, sharing best practice, and supporting the growth of the Architecture community.

Person specification

See selection process for further details.

If you would like to learn more about the role, please contact mark.harbottle@dwp.gov.uk.

Behaviours

We'll assess you against these behaviours during the selection process:

• Communicating and Influencing
• Leadership
• Working Together

Technical skills

We'll assess you against these technical skills during the selection process:

• Communication [Security Architect] (Practitioner)
• Analysis (Practitioner)
• Designing secure systems (Practitioner)
• Enabling and informing risk-based decisions (Practitioner)
• Security technology (Expert)
• Understanding security implications of transformation (Practitioner)

Benefits

Alongside your salary of £57,946, Department for Work and Pensions contributes £16,786 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

We also have a broad benefits package built around your work-life balance which includes:

• Working patterns to support work/life balance such as job sharing, term-time working, flexi-time and compressed hours.
• Generous annual leave – at least 25 days on entry, increasing up to 30 days over time (pro–rata for part time employees), plus 9 days public and privilege leave.
• Support for financial wellbeing, including interest-free season ticket loans for travel, a cycle to work scheme and an employee discount scheme.
• Health and wellbeing support including our Employee Assistance Programme for specialist advice and counselling and the opportunity to join HASSRA a first-class programme of competitions, activities and benefits for its members (subscription payable monthly).
• Family friendly policies including enhanced maternity and shared parental leave pay after 1 year’s continuous service.
• Funded learning and development to support progress in your role and career. This includes industry recognised qualifications and accreditations, coaching, mentoring and talent development programmes.
• An inclusive and diverse environment with opportunities to join professional and interpersonal networks including Women’s Network, National Race Network, National Disability Network (THRIVE) and many more.

Hybrid Working

This role may be suitable for hybrid working, which is where an employee works part of the week in their DWP office and part of the week from home. This is a voluntary, non-contractual arrangement and your office will be your contractual place of work.

If a hybrid working arrangement is suitable for the role and for you, you will normally be required to spend a minimum of 60% of your contracted working hours from your DWP office.

If you have a disability, caring responsibilities, or other circumstances that may affect your ability to meet the minimum office attendance requirement, please discuss this with us using the contact details in this advert.

Salary Information

The role is part of the Government Digital and Data profession and utilises an enhanced Government Digital and Data Pay Framework linked to capability which provides access to a Government Digital and Data allowance.

Pay for this role is £57,946 to £68,205, subject to candidate type. In addition to this, the role can attract a Government Digital and Data allowance of up to £25,971. Please see additional info below regarding candidate type. The value of allowance awarded will be based on an assessment of your skills as demonstrated in the selection process. Government Digital and Data Allowance is a discretionary non-consolidated, non-pensionable allowance.

External applicants

Pay for this role is £57,946 plus a Government Digital and Data Allowance of up to £25,947, subject to our assessment of capability at interview.

Our offer to successful candidates will be based on our assessment of your capability based on the evidence you provide at interview against the listed Technical Skills for the role. There is no negotiation at offer stage.

Internal and OGD applicants

Pay for the role is from £57,946 to £68,205, you may also be eligible for a Government Digital and Data Allowance of up to £25,971, subject to our assessment of capability at interview.

Existing Civil Servants who secure a new role on lateral transfer should maintain their current base salary.

Existing Civil Servants who gain promotion should either move to the bottom of the grade pay scale or receive a 10% increase to their base salary; whichever would be the greater.

In addition to your base salary a Government Digital and Data Allowance may be payable based on our assessment of your capability. Our offer to successful candidates will be based on the evidence you provide at interview against the listed Technical Skills for the role. There is no negotiation at offer stage.

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours, Experience and Technical skills.

Stage 1: Application

Your application will consist of three parts:

1. A Personal Details application form.

2. Employment history - for each employment this should specify your position or role within the organisation, dates held, and any relevant qualifications.

3. Personal statement - up to 1250 words. Use your personal statement to provide examples of how you meet the experience essential criteria below:

• Expert Security Architecture Design & Modelling: Proven ability to lead the design of secure, scalable architectures using recognised modelling techniques, tools and standards. You consistently embed security controls from the outset and produce clear, high-quality architecture artefacts that support governance and delivery.
• Strong Application & Cloud Security Expertise: Deep understanding of securing modern applications and cloud-native environments, including hands-on knowledge of platforms and tooling such as Docker, Kubernetes, Istio, and CI/CD pipelines (e.g. Jenkins, GitLab), alongside cloud posture management and vulnerability assessment.
• Enterprise-Scale Architecture Experience: Demonstrable experience operating as a Security Architect within a complex, large-scale, national or multinational organisation. You are confident working across enterprise architectures, aligning solutions with strategic roadmaps and Digital Blueprint standards.
• Advanced Network & Infrastructure Security Knowledge: Strong knowledge of network protocols (e.g. TCP/IP, BGP, OSPF) and their secure implementation, with experience securing infrastructure components including firewalls, load balancers, routers, and switches within highly available environments.
• Threat Analysis, Risk Management & Cryptography Expertise: Ability to identify, assess and mitigate sophisticated cyber threats using tools such as SIEM, IDS/IPS, and endpoint detection platforms. Strong understanding of risk assessment practices, encryption and cryptographic standards (e.g. TLS, IPsec, PKI, VPNs) to protect data in transit and at rest.
• Identity, Access Management & Security Leadership: Deep knowledge of authentication and authorisation protocols (e.g. OAuth2, OIDC, SAML, JWT) and their application in identity and trust platforms. Proven ability to communicate security solutions, influence stakeholders, and build capability through collaboration, mentoring and leadership within architecture communities.

Further details around what this will entail are listed on the application form.

Ensure that all examples provided in your statement are taken directly from your own experience and that you describe the examples in your own words. If you choose to use gen-AI to support your statement, you must follow the guidelines outlined in the Artificial intelligence and recruitment guide.

The sift panel will use the information in your employment history, personal statement and technical statement to assess your experience, skills and knowledge.

If you do progress to a full sift, you will be provided with one combined overall assessment score for both your employment history and Personal Statement.

For Hints and Tips on completing your application visit Applying for jobs at DWP Digital.

Applications will be sifted at regular intervals from the date the posts are advertised. Please apply as soon as you can, do not wait until the end of the campaign.

Important Information

• You will be asked to complete your employment history. Any information that you would customarily share on a CV should therefore be entered onto the application form.
• Personal details that could be used to identify you including your name, contact details and address must be removed for your application to be considered.
• If your employment history/personal statement contains any personal details your application will be withdrawn.

Stage 2: Interview 1

If you're successful at sift stage you will be invited to a video interview via Microsoft Teams.

You will be asked to do a 10-minute presentation to further assess your experience and to assess the technical skill of Communication (Security Architect). There will be a further 10 minutes for questions.

"Architecture Communication (Expert)". Your presentation should focus on the following:

• Present an example of a security architecture design that you’ve worked with external suppliers to define and deliver, explaining how you translated business requirements into secure technical solutions including your key decisions, applied architectural standards, patterns and modelling techniques, and worked with delivery teams through the full lifecycle.

The use of visual aids such as PowerPoint is allowed.

Stage 3: Interview 2

If you are successful at Stage 2 (interview 1) you will be invited to a video interview via Microsoft Teams. There, you will be assessed against the following Behaviours and Technical Skills:

Behaviours:

• Communicating and Influencing
• Leadership
• Working Together

Technical Skills:

• Analysis (Practitioner)
• Designing secure systems (Practitioner)
• Enabling and informing risk-based decisions (Practitioner)
• Security technology (Expert)
• Understanding security implications of transformation (Practitioner)

Interviews will take place from late June 2026. Sift and Interview dates to be confirmed.

Further Information

Find out more about Working for DWP

A reserve list may be held for a period of 6 months from which further appointments can be made.

Reserve list candidates will be posted in merit order by location.

The Civil Service values honesty and integrity and expects all candidates to abide by these principles. Please ensure that all examples provided in your application are taken directly from your own experience and that you describe the examples in your own words. Applications will be screened and if evidence of plagiarism or copying examples/answers from other sources is found, your application will be withdrawn. Internal DWP candidates may also face disciplinary action.

Security Clearance Requirement

You must meet the security requirements before you can be appointed. The level of security needed is security check.

For further information on National Security Vetting please visit the Demystifying Vetting website.

You must have resided continuously in the UK for at least 3 of the last 5 years, 2 of which must have been the immediately preceding years from the point of applying for this job.

Reasonable Adjustment

At DWP we value diversity and inclusion and actively encourage and welcome applications from everyone, including those that are underrepresented in our workforce.

We consider visible and non-visible disabilities, neurodiversity or learning differences, chronic medical conditions, or mental ill health. Examples include dyslexia, epilepsy, autism, chronic fatigue, or schizophrenia.

If you need a change to be made so that you can make your application, you should: Contact Government Recruitment Service via DigitalRecruitment.grs@cabinetoffice.gov.uk as soon as possible before the closing date to discuss your needs.

Complete the “Reasonable Adjustments” section in the “Additional requirements” page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you’re deaf, a Language Service Professional.

For further information on reasonable adjustments, terms and conditions and how we recruit visit the How We Recruit, page

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see theCivil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Apply and further information

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : Mark Harbottle
• Email : mark.harbottle@dwp.gov.uk

Recruitment team

• Email : DigitalRecruitment.grs@cabinetoffice.gov.uk

Further information

Appointment to the Civil Service is governed by the Civil Service Commission Recruitment Principles. If you wish to make a complaint, please find further details here: https://careers.dwp.gov.uk/how-we-recruit/.

Attachments

DWP Terms and Conditions January 2024 Opens in new window (docx, 17kB)Success-Profiles-Candidate-Overview Opens in new window (pdf, 635kB)