Technical Cyber Architect

** Closing Date:
** 20/01/2026
** Group:
** Corporate Group
** Management Level:
** Senior Associate
** Job Type:
** Permanent
*
* Job Description:

**** Please note this role will close  on Tuesday 20 January so we advise making your application by midnight on the Monday 19 January.
**** About the team you’ll be part of
** This role is part of Ofcom’s Cyber and Infrastructure team within the ICT department. The team ensures that the technology and security measures are in place to support Ofcom’s mission of making communications work for everyone. The position is vital for identifying, protecting against, defending, and recovering from the increasing and evolving cyber threats by applying 'security by design' and 'defence in depth' principles in the planning and evolution of the existing technology landscape.

** Please note that the team also support an on-call roster for out of hours incident response.
**** The purpose and scope of the role
** As a Technical Cyber Architect, you will collaborate with a small team to strategically and securely leverage our cyber capabilities against emerging cyber threats.

Your role will involve close cooperation with the Security Operations Centre to identify, protect, and remediate cyber vulnerabilities, as well as automate repetitive tasks.
Additionally, you will assist other domain architects (Business, Data, and Application) to ensure that technology remains secure and effective.  Act as lead in the absence of the principal, ensuring continuity by overseeing and executing all critical tasks and responsibilities for maintaining effective team operations.
** Your

Key Responsibilities *
* * Design and implement secure, enterprise-scale networks, cloud environments, resources, and end-user solutions.
* Configure and manage Microsoft Sentinel, M365 Defender for Cloud, and Conditional Access in Entra  ensure the security of users and data.
* Train colleagues on cybersecurity procedures to ensure adherence to best practices.
* Architect secure cloud-based solutions to deliver effective capabilities to users
* Design, implementation and support of network infrastructure (WAN/LAN/Wi-Fi)
* Maintaining secure systems like ROSA ()
* Ensuring PCI-DSS compliance for card payments
* Design, creation of Technical Networks for business units
* Utilise Kusto Query Language and advanced hunting techniques to analyse logs for anomalies that may indicate suspicious behaviour.
* Automate repetitive tasks such as log querying and network scanning.
* Conduct red team testing, vulnerability assessments, encryption, intrusion detection, and set up honeypots.
* Collaborate closely with the SOC team to address any incidents and vulnerabilities and act as an escalation point.
* Respond to security incidents and provide remediation steps to prevent and mitigate future breaches.
* Work with other technology teams to address any cybersecurity vulnerabilities.
** Key technologies
** Experience in the following:  Azure Portal, Azure Sentinel, Kusto QL, Nessus, Shodan, Cloud App Security, endpoint security, Microsoft Entra , Power Automate, Logic Apps, Azure Cloud, Big Data, Cisco Umbrella, SQL, Power

BI, AI, including Azure ML and Microsoft Security Copilot, SCCM, InTune, WDAC, and programming languages such as C++, C#, and Python.
** The skills, knowledge and experience you’ll need for success
**** Technical Knowledge,

Skills and Experience:

*
* * Azure Security accredited (SC100 and SC200)
* Security Clearance (SC)
* CISSP* Certified Ethical Hacker (CEH)
* Prince 2 Foundation or relevant project experience
* GIAC Forensic Examiner, Axiom Forensics or equivalent DFIR certifications
* Network trained to CCNA or equivalent
* IT service management accreditation (e.g. ITIL) or equivalent
* Related professional membership, or working towards BCS, ITP, IET, CISec
* PCI-DSS experience
** Behavioural Attributes :*
* * Executing Plans:
Working across organisational boundaries to understand requirements, translate these requirements into technical and security specifications and deliver business outcomes.
* Articulating Ideas:
Ability to present technical and security concepts in layman’s terms and impart knowledge to key stakeholders and…