Lead Security Architect

Join the Home Office as a Lead Security Architect and lead the secure‑by‑design delivery of critical systems that protect citizens and national interests. You will own security architecture across a major portfolio, translating business objectives and emerging threats into practical, proportionate controls while enabling modern approaches such as cloud, Dev Sec Ops  and zero trust. Working closely with senior stakeholders, delivery teams and enterprise architects, you will balance risk, usability and cost, embed security into agile delivery, and shape reusable patterns that strengthen services s is a unique opportunity to combine deep technical expertise with strategic influence, driving security outcomes across high‑impact programmes while mentoring others and raising capability across the organisation.

• Set portfolio level vision & patterns in line with Principal Security Architect strategy, translating them into reusable templates and guardrails.
• Lead architecture reviews for high risk projects, providing actionable recommendations and tracking remediation through to closure.
• Perform and interpret threat modelling / pentest results, converting findings into road mapped improvements and measurable risk reductions.
• Advise on security controls for hybrid and cloud platforms (AWS, Azure, Kubernetes, serverless), balancing usability, cost and compliance.
• Mentor and quality assure Security Architects’ work, fostering a culture of continuous learning and knowledge sharing.
• Engage senior stakeholders across technology, policy and operations, presenting security trade‑offs in business terms and gaining consensus.
• Scan the horizon for emerging threats, tooling and regulatory change, recommending timely adoption or mitigation strategies.
• Oversee vendor and SaaS evaluations, ensuring contracts include appropriate security clauses and ongoing assurance.

• Secure system design leadership: demonstrable track record creating or validating architectures for large scale, high risk services using recognised frameworks (SABSA, TOGAF, NCSC).
• Risk based decision making: expert in ISO 27001 / NIST / CIS controls, able to quantify and articulate risk, then select proportionate, cost effective controls.
• Technical depth: hands on knowledge of cloud security, IAM, container & API security, network segmentation, encryption and Dev Sec Ops  tool chains; capable of explaining exploitability of complex vulnerabilities.
• Pentesting & threat modelling: scoping, overseeing and translating results into enforceable patterns and backlog items.
• Influential communication: demonstrate ability to engage Csuite and delivery squads alike, adapting style to gain agreement and drive secure by design culture.
• Mentoring & governance: experience line managing or coaching Security Architects/Engineers and running architecture assurance or design review boards.

Your CV and Personal Statement will both be assessed. Your Personal Statement should clearly evidence your experience against the essential skills, using the STAR method (Situation, Task, Action, Result). Make full use of the word count to create a comprehensive and compelling application. STAR -

Useful support on Home Office recruitment process including:
Success Profiles tips video, Personal

Information on the Pay Framework Allowance (PFA) -

Discover more about our work by watching this DDaT video

Please note - 3+ years UK residency is typically required to be eligible for SC Clearance and unfortunately we cannot offer sponsorship.