Lead Security Architect
| Posting date: | 15 September 2025 |
|---|---|
| Salary: | £60,300 per year |
| Hours: | Full time |
| Closing date: | 06 October 2025 |
| Location: | Sheffield, South Yorkshire |
| Remote working: | Hybrid - work remotely up to 2 days per week |
| Company: | Government Recruitment |
| Job type: | Permanent |
| Job reference: | 418012 |
Summary
As a Lead Security Architect, you will directly secure architecture across a portfolio worth hundreds of millions of pounds. Working with product owners, delivery managers and enterprise architects, you will ensure every new or changed service conforms to Home Office and NCSC standards while enabling rapid, user-centred delivery.
You will analyse emerging threats, advise on proportional mitigations, and produce or tailor reference patterns covering identity, network segmentation, container security, data protection, and monitoring. By modelling risks with frameworks such as ISO 27005, NIST, or STRIDE, you will rationalise design choices to technical and non-technical audiences and document them for reuse. You will champion “secure by default” in agile pipelines embedding IaC scanning, SAST/DAST, SBOM and cloud native guardrails so security becomes a quality attribute owned by delivery teams.
Through communities of practice and one-to-one coaching, you will nurture architects and engineers, acting as escalation point for complex design decisions. Finally, you will cultivate relationships with external suppliers, government peers and industry forums to import good practice and influence future standards, ensuring Home Office services remain resilient, cost-effective and compliant.
You will analyse emerging threats, advise on proportional mitigations, and produce or tailor reference patterns covering identity, network segmentation, container security, data protection, and monitoring. By modelling risks with frameworks such as ISO 27005, NIST, or STRIDE, you will rationalise design choices to technical and non-technical audiences and document them for reuse. You will champion “secure by default” in agile pipelines embedding IaC scanning, SAST/DAST, SBOM and cloud native guardrails so security becomes a quality attribute owned by delivery teams.
Through communities of practice and one-to-one coaching, you will nurture architects and engineers, acting as escalation point for complex design decisions. Finally, you will cultivate relationships with external suppliers, government peers and industry forums to import good practice and influence future standards, ensuring Home Office services remain resilient, cost-effective and compliant.