Cyber Security Army Security Architect - MoD - SEO

We are passionate about Smarter Working and believe that a combination of flexible working practices, digital technology and modern workspaces will give you the opportunity to enjoy a healthy work-life balance, while ensuing you deliver your outcomes effectively and efficiently – we expect you to know where to be to have the most impact, balancing your individual needs with that of your team and the organisation.  However, recognising the benefits of face to face working, especially for new joiners, there is an expectation that you would be in the office at least 60% of the time (3 days a week).

About the job

Job summary

The Ministry of Defence employs over 50,000 Civil Servants. Within that, the Army Top Level Budget (TLB) employs around 12,000 MOD Civil Servants located at over 300 locations. Ours is a diverse workforce, with roles ranging from trainers, human resources, teachers, and psychologists to storekeepers, financiers, project and programme managers, and policy secretariat staff. There are many different functions and professions delivering key outputs for the Army. 

Step into the future of warfare with the Information Directorate, where data drives decisions and digital dominance defines victory. We lead in strategic data management, intelligence, and cutting-edge technology, delivering the tools that give the Army a decisive edge on the modern battlefield.

As part of our civil servant  team, you’ll be at the forefront of information warfare, countering disinformation, safeguarding critical data, and ensuring information integrity in a rapidly evolving digital battlespace. You’ll work with state-of-the-art tools, including AI, advanced analytics, and next-gen tech, helping the Army outthink, outmanoeuvre, and outpace its adversaries.

In the Information Directorate, you’ll turn that vision into reality. From strengthening cyber resilience to driving digital transformation on the front lines, your expertise will shape the Army’s future. You’ll collaborate with a diverse network of experts, deploying innovative strategies to maintain the Army’s dominance in an increasingly contested information environment. 

This is more than a job—it’s your chance to redefine digital defence, push the boundaries of innovation, and directly contribute to the Army’s lethality and operational effectiveness.

Join us. Shape the future. Strengthen the force.

This position is advertised at 37 hours per week.

Job description

We are looking for a talented, motivated and dedicated Security Architect to join our team. This role is crucial in ensuring a clear understanding of security architecture and compliance, advocating for Secure by Design principles, Policy adherence, and industry best practices.

As the Security Architect, you will play a pivotal role in establishing a central hub for all Army security stakeholders by developing and maintaining the Army Security Technical Reference Architecture (ASTRA). ASTRA promotes compliance, enhances visibility for decision-makers, and enables the reuse of security patterns through Architectural Building Blocks (Security Functionality) aligned with Policy and industry best practices to create effective solutions.  An integral aspect of this role involves leading Security Architecture Assurance reviews, necessitating close collaboration with the Cybersecurity pillar to identify projects for review, understand the Army security landscape, and the broader security landscape. The review process tailors security recommendations to the project context, identifies overarching themes for projects and Cybersecurity to action as appropriate.

The role requires a diverse skill set to effectively support and enhance an organisation’s security posture. Familiarity with security frameworks and standards such as NIST and ISO 27001, along with experience in using security technologies like firewalls, intrusion detection/prevention systems and encryption, is important.

The successful candidate will be required to: 

• Design and maintain the Army Security Technical Reference Architecture (ASTRA) in a central repository, ensuring it aligns with Defence/Army security principles and policy, NIST 800-53, Secure by Design and Zero Trust Architecture principles
• Research and map industry standards such as NIST RMF, NIST 800-53 to security policies and ASTRA
• Create and gather security architectural patterns to bolster data security management, ensure secure system operations, enhance network and systems security, and improve system and device management. 
• Collaborate with enterprise and solution architects to integrate security principles into system designs
• Create and oversee awareness and training initiatives for ASTRA
• Conduct security architecture assurance reviews using established policies, principles, and standards to ensure consistency and compliance, and to produce detailed reports on compliance status and gaps
• Work with security architects, compliance teams and security teams to understand security policy implementation and the Army security landscape
• Proactively engage with internal and external partners, stakeholders, and peers to develop knowledge and inform decisions
• Line management responsibility for 1 Higher Executive Officer (HEO)

Person specification

We are looking for a detailed-orientated, proactive, and eager to learn individual with strong analytical and communication skills who can work collaboratively but is also comfortable working independently to develop ASTRA and lead Security Architecture Assurance Reviews. The successful candidate should be at ease engaging with a broad spectrum of stakeholders within Defence, Government, and industry. 

This role is ideal for someone who enjoys working at the intersection of security, security strategy, architecture, and governance, adept at connecting security policies and frameworks with specific security implementation.

Strong analytical abilities are essential for this position as the role involves analysing the security implementation and challenges of projects, developing compliance-supporting recommendations, and creating the necessary architectural building blocks aligned with policy and industry standards.

Strong problem-solving skills are necessary to tackle various security compliance challenges, while attention to detail is critical for reviewing security designs to ensure accuracy and compliance.

Effective communication skills are equally vital to articulate security policies, frameworks, and concepts to both technical and non-technical stakeholders. This includes creating concise documentation such as security reviews, procedures, and reports. Strategic thinking about security, aligning security initiatives and policies with business objectives, and devising long-term plans to enhance the Army's security compliance are key aspects of this role.

Essential:

• Solid understanding of security protocols, networking, identity management, authentication, and authorisation
• Solid understanding of Cybersecurity, Governance, Compliance and Risk, and the Confidentiality, Availability, and Integrity (CIA) triad
• Experience in Cybersecurity
• Strong understanding of security principles and policies, NIST 800-53, Secure by Design
• Broad technical knowledge
• Familiarity with risk management, security governance and compliance assurance
• Excellent communication and interpersonal skills. Ability to interact with diverse internal and external stakeholders of all levels to effectively articulate security policy, principles, patterns, controls, and advice
• Strong analytical skills demonstrated in the ability to provide direction and lead on change with regards to factors involved in analysis
• Skilled in directing and influencing technical and business stakeholders on security best practices and policies with the ability to translate technical security requirements into business and policy language
• Highly organised and able to deal with multiple requests/priorities with competing deadlines
• A team player who is enthusiastic about contributing to the overall success of the team and collaborating with stakeholders of all levels.

Desirable:

• Experience in modelling, preferably using a dedicated modelling tool such as SPARX EA
• Knowledge and experience of using Threat Modelling Techniques
• Experience of technical Security Architecture
• Degree / HND / HNC in Cybersecurity, Information Security, computer science or related field

If successful you will be required to obtain Developed Vetting to take up the role. 

Behaviours

We'll assess you against these behaviours during the selection process:

• Communicating and Influencing
• Seeing the Big Picture
• Making Effective Decisions
• Changing and Improving

We only ask for evidence of these behaviours on your application form:

• Communicating and Influencing
• Seeing the Big Picture

Technical skills

We'll assess you against these technical skills during the selection process:

• Security Architect - Communication (Security Architecture) - Practitioner
• Security Architect - Designing Secure Systems - Working
• Security Architect - Security Technology - Working
• Security Architect - Enabling and informing risk-based decisions - Working