Senior Security Architect – 64023
£51,767 – £64,135
We encourage applications from people from all backgrounds and aim to have a workforce that represents the wider society that we serve. We pride ourselves on being an employer of choice. We champion diversity, inclusion and wellbeing and aim to create a workplace where everyone feels valued and a sense of belonging. To find out more about how we do this visit: https://www.gov.uk/government/organisations/ministry-of-justice/about/equality-and-diversity.
We are currently offering hybrid working which includes 2 days per week in your local office. Office locations can be found here
We’re recruiting for a Senior Security Architect here at Justice Digital, to be part of our warm and collaborative Network Service team.
The Technology Services team within Digital and Technology is responsible for all infrastructure, end user computing, onsite support and delivery of technology projects. It has responsibility for 95,000 devices and infrastructure across 900+ sites.
The MOJ digital justice department was set up to change the way that people access and use justice services. Our goal is to make the justice system simpler and quicker while saving public money .
Within the network services and security team, our mission is to secure the department (including its arms length bodies) against cyber threats vulnerabilities. We protect our nationwide internal IT infrastructure and high-profile digital services.
The senior security architect role acts as a trusted advisor for security, responsible for delivering both hands-on solutions and providing information and cyber security advice. You will work within the network services team and across other security departments and external agencies, in this fast-paced and diverse role. You’ll be instrumental in designing and implementing appropriately secure systems, security tooling and other solutions to solve cyber security problems.
- Work on projects with high strategic impact, setting a strategy that can be used in the long term and across the breadth of the organisation.
- Continuously improve the security of our platforms and services by cooperating with various stakeholders to identify, communicate and remediate cyber security issues.
- Advise on the selection and implementation of security controls by assessing current threats and vulnerabilities associated with a service or technology.
- Understand common and emerging vulnerabilities and threats.
- Know how to stay up-to-date through sources such as OWASP, NCSC and MITRE ATT&CK.
- Support digital and service teams to implement security controls and be considerate of organisational objectives.
- Communicate with a broad range of senior stakeholders and be responsible for defining the vision, principles and strategy for security.
- Recommend security design across several projects or technologies, up to an organisational or inter-organisational level .
- Have a deep and evolving level of technical expertise, so you can act as an exemplar.
- Make and influence important business and architectural decisions.
- Research, identify, validate and adopt new technologies and methodologies.
- Communicate security issues and advice widely through various internal channels, including technical documentation, intranets and published guidance (like GDS Way).
- Help teams identify and promote security best practices to deliver robust, resilient, secure and scalable solutions.
- Act as an ambassador for the network services security team and promote the team’s tools and services.
- Understand that security isn’t just a technology problem, that people and processes are essential to consider.
- Can demonstrate extensive information and cyber security knowledge, particularly secure development and engineering practices, identity and access management and cryptography principles.
- Manage security aspects end-to-end, from designing security controls before a system is developed to managing processes once a service is live, such as regularly iterating incident management and response plans.
If this feels like an exciting challenge, something you are enthusiastic about, and want to join our team please read on and apply!
- You can perform threat modelling and design reviews against new and existing services.
- You have experience with various solutions platforms and environments, particularly Amazon Web Services (AWS), Microsoft Azure and Palo Alto Networks.
- You are able to build prototypes and showcase cyber security solutions.
- You have an expert understanding and can apply security concepts to a technical level, at the highest levels of risk complexity.
- You have strong knowledge of system and security architectures, security monitoring architectures, technologies and practices
- You can understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities.
- You will be familiar with logging platforms such as Sentinel, Splunk and Cortex Data Lake or other security tooling.
- You hold relevant certifications i.e CISSP, CISP, CISM and /or AWS/Azure security training/courses
Willingness to be assessed against the requirements for SC clearance.
We welcome the unique contribution diverse applicants bring and do not discriminate on the basis of culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.
Our values are Purpose, Humanity Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace.
How to Apply
Candidates must submit a CV and optional cover letter which describes how you meet the requirements set out in the Person Specification above.
Your application will be reviewed against the Person Specification above by a diverse panel.
Successful candidates who meet the required standard will then be invited to a 1-hour panel interview held via video conference.
Should we receive a high volume of applications, a pre-sift based on your expert understanding and can apply security concepts to a technical level, at the highest levels of risk complexity will be conducted prior to the sift.
Terms & Conditions
Please review our Terms & Conditions which set out the way we recruit and provide further information related to the role and salary arrangements.
If you have any questions please feel free to contact firstname.lastname@example.org
The national salary range is £51,767 - £59,590, London salary range is £55,720 - £64,135. Your salary will be dependent on your base location