Lead Security Architect
Permanent
Up to £108,000 per annum + a fantastic benefits package
Remote
Digital Skills are working with a data-focused tech company that builds and provides tools and services to a range of end clients. The company specializes in designing, building, and continuously improving data-enabling products. We are currently recruiting for a Lead Security Architect, a recognised subject matter expert in security, risk management, and compliance, with demonstrable experience in highly regulated industries, specifically UK Government and/or Defence.
Role Overview
As a Lead Security Architect, you will build effective working relationships with delivery team members and customers and operate independently as a security lead across multiple projects and platforms. You will provide security expertise and drive outcomes, ensuring the security and assurance of complex, cloud-centric data and digital services across the entire life cycle (strategy, design, implementation, and operations).
Key Responsibilities
- Lead security and assurance efforts for highly complex, cloud-centric digital services, ensuring compliance with HMG security architecture and assurance standards.
- Provide specialist advice on security architecture for public cloud environments (AWS, Azure, GCP).
- Define and manage external security testing (ITHC, penetration testing) for cloud-native platforms (Docker, Kubernetes, etc.) and SaaS solutions.
- Formulate HMG Information Assurance Risk Assessments and Risk Treatment Plans.
- Establish security requirements for cloud-based solutions based on industry standards (ISO 27000 series, NIST, CSF, CSA).
- Identify and implement appropriate security controls aligned with industry standards (e.g., CCM) to mitigate cloud-native threats.
- Provide oversight and guidance on government security policies and procedures.
- Continuously evaluate new cloud security threats and their impact on business and IT environments.
- Ensure architecture principles, technologies, and security best practices are correctly implemented across all platforms.
Core Competencies & Skills
Domain Expertise:
- Extensive experience in public cloud security architecture (AWS/Azure/GCP) and hybrid cloud environments.
- Deep understanding of cloud security concepts, technologies, and best practices for IaaS, PaaS, SaaS, and serverless architectures.
- Expertise in Information Security and Privacy Standards (ISO 27000 series, NIST 800-53, CIS, GDPR).
- Experience leading security working groups and managing external security testing (ITHC, penetration testing) at high HMG classification levels (OFFICIAL required, SECRET desirable).
Secure Systems & Tooling Design:
- Experience working directly with engineering teams to design and review secure architectures.
- Proficiency in DevOps, DevSecOps, Infrastructure as Code, and Security as Code (Docker, Git, Terraform).
- Managing technical security assessments, vulnerability analysis, and penetration testing.
Risk Management & Compliance:
- Ability to assess, advise on, and manage high-impact security risks.
- Strong knowledge of risk assessment methodologies (ISO 27005, NIST).
- Understanding of security implications across different platforms and ability to implement risk-based security controls.
Communication & Stakeholder Management:
- Ability to translate complex security risks and technical concepts into clear guidance for both technical and non-technical stakeholders.
- Experience working with C-level executives, delivery teams, and external customers to drive security best practices.
- Ability to influence and gain consensus on security decisions within multi-stakeholder environments.
If this role seems like the right fit for you, please don't hesitate to apply.
Reference: 2892060197
Posted on Feb 5, 2025 by Digital Skills Ltd
