Senior Data Security Architect

The Government Digital Service (GDS) is the digital centre of government. We are responsible for setting, leading and delivering the vision for a modern digital government.

Our priorities are to drive a modern digital government, by:

1. joining up public sector services
2. harnessing the power of AI for the public good
3. strengthening and extending our digital and data public infrastructure
4. elevating leadership and investing in talent
5. funding for outcomes and procuring for growth and innovation
6. committing to transparency and driving accountability

We are home to the Incubator for Artificial Intelligence (I.AI), the world-leading GOV.UK and at the forefront of coordinating the UK’s geospatial strategy and activity. We lead the Government Digital and Data function and champion the work of digital teams across government.

We’re part of the Department for Science, Innovation and Technology (DSIT) and employ more than 1,000 people all over the UK, with hubs in Manchester, London and Bristol.

The Government Digital Service is where talent translates into impact. From your first day, you’ll be working with some of the world’s most highly-skilled digital professionals, all contributing their knowledge to make change on a national scale.

Join us for rewarding work that makes a difference across the UK. You'll solve some of the nation’s highest-priority digital challenges, helping millions of people access services they need

You’ll be joining the GDS Data Sharing Team, we are strengthening the Data Foundations for the whole public sector to make data sharing easier. We work in partnership across government to define the data strategy, by building consensus through the development of common frameworks and standards.

Job description

As a GDS Senior Data Security Architect working in the Office of the Government Chief Data Officer, you’ll be collaborating with other government departments to develop and publish data security standards for government and the wider public sector.

You’ll have an understanding of agile environments, continual delivery techniques and devops cultures.

With the ability to drive through an agenda, you will be collaborating with other teams in GDS, including our consulting technical architects, the technology policy team, tech writers, and others, as standards are developed and shaped. This will also mean delivering presentations to various stakeholders at all levels.

The role will include travel to different government departments and agencies, therefore there must be a willingness to undertake this.

As a Senior Data Security Architect you’ll:

• develop data security standards for government
• advise on data security for government services
• perform threat modelling as part of a security risk assessment
• apply Secure by Design activities to government services
• identify opportunities to use novel privacy-enhancing technologies to enable data-driven collaboration without compromising on privacy and security
• contribute to API design, including how to make APIs secure
• develop data security controls to mitigate risks applying to AI systems
• work in agile multi-disciplinary teams, with software developers using tools such as Github and following continuous delivery and devops practices

Person specification

We’re interested in people who can:

• understand how to balance the needs of security against the need of users to access and use data to derive value
• communicate effectively with both technical and non-technical stakeholders, support and host discussions within a multidisciplinary team, and manage differing stakeholder perspectives
• show an awareness of opportunities for innovation with new tools and uses of data, for example emerging privacy-enhancing technologies
• understand what data governance is and take responsibility for the assurance of data solutions and make recommendations to ensure compliance
• explain the concepts and principles of data modelling, produce, maintain and update relevant data models for an organisation’s specific needs, reverse-engineer data models from a live system
• work with subject matter experts to develop standards, policies and guidance to secure data
• explain the strategic context of your work and why it is important, support strategic planning in an administrative capacity
• design data architecture that deals with specific data security problems and align it to enterprise-wide standards and principles
• work within the context of well understood architecture, and identify appropriate patterns
• demonstrate a good understanding of data security concepts and can apply them to a technical level
• work with risk owners to advise and give feedback, advise on risk impact and whether it's within risk tolerance, describe different risk methodologies and how these are applied, as well as the proportionality of risk

Benefits

There are many benefits of working at GDS, including:

• flexible hybrid working with flexi-time and the option to work part-time or condensed hours
• a Civil Service Pension with an average employer contribution of 28.97%
• 25 days of annual leave, increasing by a day each year up to a maximum of 30 days
• an extra day off for the King’s birthday
• an in-year bonus scheme to recognise high performance
• career progression and coaching, including a training budget for personal development
• paid volunteering leave
• a focus on wellbeing with access to an employee assistance programme
• job satisfaction from making government services easier to use and more inclusive for people across the UK
• advances on pay, including for travel season tickets
• death in service benefits
• cycle to work scheme and facilities
• access to an employee discounts scheme
• 10 learning days per year
• volunteering opportunities (5 special leave days per year)
• access to a suite of learning activities through Civil Service learning

Any move to Government Digital Service from another employer will mean you can no longer access childcare vouchers. This includes moves between government departments. You may however be eligible for other government schemes, including Tax Free Childcare. Determine your eligibility at https://www.childcarechoices.gov.uk 

Office attendance
The Department operates a discretionary hybrid working policy, which provides for a combination of working hours from your place of work and from your home in the UK. The current expectation for staff is to attend the office or non-home based location for 40-60% of the time over the accounting period.
DSIT does not normally offer full home working (i.e. working at home); but we do offer a variety of flexible working options (including occasionally working from home).

Things you need to know

Selection process details

The standard selection process for roles at GDS consists of:

• a simple application screening process - We only ask for a CV and cover letter of up to 750 words. Important tip - please ensure that your cover letter includes how you meet the skills and experience listed in the “person specification” section above
• a 60 minute video interview. As part of the interview process there will be a presentation task, details around the presentation task will be provided to shortlisted candidates.

Depending on how many applications we get, there might also be an extra stage before the video interview, for example a phone interview or a technical exercise.

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action.  Please see our candidate guidance for more information on appropriate and inappropriate use.

In the event we receive a high volume of applications, we will conduct the initial sift against the lead criteria which is:

• understand how to balance the needs of security against the need of users to access and use data to derive value

In the Civil Service, we use Success Profiles to evaluate your skills and ability. This gives us the best possible chance of finding the right person for the job, increases performance and improves diversity and inclusivity. We’ll be assessing your technical abilities, skills, experience and behaviours that are relevant to this role.

For this role we’ll be assessing you against the following Civil Service Behaviours:

• leadership
• making effective decisions
• working together
• communicating and influencing

We’ll also be assessing your experience and specialist technical skills against the following skills defined in the Government Digital and Data Capability Framework for the Lead Security Architect role:

• research and innovation
• communication (security architect)
• understanding security implications of transformation
• analysis
• security technology

Recruitment Timeline

Sift completion: Thursday 16th October 2025

Panel interviews: starting week commencing Monday 27th October 2025

Candidates that do not pass the interview but have demonstrated an acceptable standard may be considered for similar roles at a lower grade.

A reserve list will be held for a period of 12 months, from which further appointments can be made.

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

Please note that this role requires SC clearance, which would normally need 5 years’ UK residency in the past 5 years. This is not an absolute requirement, but supplementary checks may be needed where individuals have not lived in the UK for that period. This may mean your security clearance (and therefore your appointment) will take longer or, in some cases, not be possible.

For meaningful checks to be carried out, you will need to have lived in the UK for a sufficient period of time, to enable appropriate checks to be carried out and produce a result which provides the required level of assurance. Whilst a lack of UK residency in itself is not necessarily a bar to a security clearance, and expectation of UK residency may range from 3 to 5 years. Failure to meet the residency requirements needed for the role may result in the withdrawal of provisional jobs offers.

Sponsorship

DSIT cannot offer Visa sponsorship to candidates through this campaign. DSIT holds a Visa sponsorship licence but this can only be used for certain roles and this campaign does not qualify.

Feedback will only be provided if you attend an interview or assessment.