98 Security Architect jobs in the United Kingdom

An expanding Defence client of ours is currently in the market for a Secutrity Architect to specialise within their Product Security division. As the Product Security Architect, you will be working alongside a team who are constantly growing and developing. You will be responsible for Identify security requirements and ensure the integration of security controls during the product development lifecycle

Some of what you will be involved in:

• Develop and implement risk management strategies
• Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified
• Collaborate with the development teams to ensure the adoption of Secure by Design principles
• Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter-measures to mitigate identified information risks.
• Collaborate with the product development teams to integrate security best practices ensuring Secure by Design
• Identify and mitigate security vulnerabilities and risks in products
• Develop and maintain security guidelines, documentation, and training materials
• Participate in incident response and remediation efforts for security breaches affecting products

Your skillset may include:

• Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139)
• An understanding of MOD ISN 23/09 Secure by Design
• Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP
• Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53)

Please reach out to Lewis Dunn @ ARM if you are interested or simply have some questions - E: or DD: (phone number removed)

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.

The GovPass Programme within the GPA is modernising Access Control Systems across HMG. Delivering a new UK government standard for card encryption improving building security and enabling greater interoperability through its innovative technology.

GovPass is operating across the UK in HMG Estate and in some of the most iconic buildings and departments, with an ambition to expand this further over the coming years.

Client Details

The Government Property Agency is the largest property holder in government, with more than 2.1 billion in property assets and over 55% of the government's office estate.

We are transforming the way the Civil Service works by creating great places to work, leading the largest commercial office programme in the UK, working towards halving carbon emissions from government offices, and achieving greater value for taxpayers. And we are looking for innovative, solutions-focused people to join our team.

Representing the best covenant in the UK - His Majesty's Government - we are leading transformational programmes such as the Government Hubs Programme, Whitehall Campus Programme and Net Zero Programme, as well as delivering modern, cost-effective real estate service solutions.

Innovation and progress are at the heart of our behaviours. We foster a culture of lifelong learning, where curiosity and self-improvement are encouraged. And we're dedicated to becoming a leading, inclusive employer both in the external market and throughout the Civil Service. Our strong emphasis on Equity, Diversity, and Inclusion (EDI) is not just about driving inclusion across our organisation, it is also about ensuring our services meet the needs of government departments and the civil servants who use our spaces.

Join our dynamic and diverse team that leads with purpose, improving sustainability, nurturing social value, driving inclusivity and flexibility, and kickstarting economic growth. We are driven by purpose, and you can be part of it too: where you make a meaningful impact; where you influence; where your voice really matters; where you help to shape our future direction.

Description

The GovPass Programme within the GPA is modernising Access Control Systems across HMG. Delivering a new UK government standard for card encryption improving building security and enabling greater interoperability through its innovative technology.
GovPass is operating across the UK in HMG Estate and in some of the most iconic buildings and departments, with an ambition to expand this further over the coming years.

The Security Architect is a critical role in the GovPass Product Team and will be responsible for designing and developing security for the GovPass Service and Products, maintaining security documentation and developing architecture patterns and security approaches to new technologies. This role involves collaboration with various stakeholders to develop, maintain, and enhance security architectures that support the delivery of public services. The role will support the Product Manager by offering technical solutions and advice to ensure the product remains secure and aligns with business objectives.

Working wider across the GPA, this role will also be pivotal in shaping and influencing cross directorate product management practices and strategies as part of the wider GPA agenda. As the GovPass product stabilises or as the needs of government change over time, there is scope to take on other product related responsibilities in the future.

Responsibilities:

• Recommend security controls and identify solutions that support a business objective
• provide specialist advice and recommend approaches across teams and various stakeholders
• communicate widely with other stakeholders, agencies and National Technical Authorities
• Advise on important security-related technologies and assess the risk associated with proposed changes
• Inspire and influence others to execute security principles
• Help review other people's work
• Recommend a security risk assessment approach and vulnerability analyses recommending mitigation strategies from the results
• Identify areas for improvement within existing security frameworks and recommend enhancements

Profile

Person Specification:

• Strong communication skills, comfortable briefing at a senior level
• Customer focused and organised with an ability to rapidly analyse complex problems and find solutions
• Resilient, adaptable and comfortable working in a fast paced and evolving environment
• Driven and focused to deliver within the public sector
• Collaborative and inclusive ways of working and can build trust across diverse teams and stakeholders
• Working knowledge of security architecture principles and best practices.
• Demonstrable experience in security architecture, risk assessment and incident response

Experience & Technical Skills:

Essential criteria:

• Experience in designing and implementing security solutions, preferably in a government or public sector environment.
• Working knowledge of security standards and frameworks, including Secure by Design, ISO 27001, NIST or similar
• Understanding of security architecture patterns, methodologies, and best practices.
• Strong analytical and problem-solving skills, with a focus on innovation and efficiency.
• Strong communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.

Desirable criteria:

• Knowledge of Automated Access Control Systems

Qualifications and Accreditations

Essential criteria:

• Relevant Security Architecture qualification (e.g., CISSP, CISM or equivalent).
• Demonstrable experience working on technical projects and managing stakeholders.
• Demonstrable experience of working within security standards and frameworks

Desirable criteria:

• Degree in Computer Science, Information Technology, Cyber Security or technical related field.
• Professional Membership (e.g. BCS, CITP) or a willingness to obtain within 12 months of taking up post
• SC Clearance before taking up post (will be required before role can be started) and a willingness to undergo DV if required

Job Offer

• A salary range of 41,055 - 45,155 per annum
• 28.9% Civil Service Pension
• Hybrid working
• Multiple offices: Birmingham, Bristol, Leeds, Manchester, Cardiff, Swindon, Nottingham
• Closing Date - 15th August 2025

• Identify security requirements and integrate controls into product development.
• Conduct risk assessments, threat modeling, and vulnerability analysis.
• Develop and implement risk management strategies using security frameworks.
• Collaborate with development teams to ensure security best practices and secure-by-design principles.
• Identify and mitigate security risks in solution architectures.
• Create security documentation (e.g., RMADS, Security Assurance Documents).
• Support incident response and remediation efforts for security breaches.
• Provide security guidance and training to teams across the organization.

• Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) .
• Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139).
• Proficiency in security threat modeling and risk assessments.
• Knowledge of secure development practices, penetration testing, and vulnerability assessments.
• Ability to communicate security risks and strategies to technical and non-technical stakeholders.
• Experience in incident response and remediation.
• Strong analytical and problem-solving skills.

• Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
• Certifications such as CISSP, CISM, OSCP, GIAC (preferred but not mandatory).
• Must be eligible for SC security clearance.
• Experience working in defense, government, or high-security environments is a plus.
• Knowledge of cloud security architectures (AWS, Azure, GCP) is advantageous.

Security Arcitect
Location: Bristol, UK
Clearance Required: Must be eligible for SC Clearance

Are you passionate about safeguarding advanced products and systems from ever-evolving security threats? We are seeking a highly skilled Security Architect to join our cutting-edge team in Bristol. In this role, you'll be instrumental in securing the software development lifecycle for complex systems within the defence and national security domain.

This position is critical to ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards -this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 . If you're an experienced professional with strong capabilities in threat modelling , risk assessment , and secure systems architecture , we want to hear from you.

• Integrate security controls throughout the product development lifecycle

• Conduct detailed threat modelling and risk assessments using recognised tools

• Lead the implementation of risk management strategies based on industry best practices (NIST, ISO)

• Work closely with development teams to ensure secure-by-design principles are followed

• Identify and propose mitigations for security vulnerabilities in solution architectures

• Maintain and evolve internal security policies, documentation, and awareness training

• Support incident response efforts and coordinate remediation actions where needed

• Serve as a subject matter expert on product and application security to internal stakeholders

• Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable

• Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is essential

• Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees)

• Familiarity with other standards such as ISO/IEC 27001, ISO 27005, OWASP, and MOD ISN 23/09

• Ability to identify, assess and mitigate risks across software and hardware product ecosystems

• Strong written and verbal communication skills, including the ability to convey risk to non-technical audiences

• Analytical thinker with strong problem-solving skills

• Detail-oriented with excellent planning and organisational abilities

• Resilient, proactive, and capable of driving initiatives forward independently

• A team player with the ability to influence at all levels of the organisation

• Eligible for SC clearance and able to work in the UK without restrictions

Security Architect

Permanent

Newcastle upon Tyne

55,000 - 62,000

Hybrid working

Excellent Benefits

Sellick Partnership are delighted to be partnering with our well-known client in the North East to recruit a Security Architect on a permanent basis.

The Security Architect will join a Security Operations team who have accountability for defining security solutions across the organisation as well as service architecture for infrastructure, information and applications to support ongoing IT transformation.

The Security Architect will provide advice to technology teams to ensure project deliverables remain in alignment with the organisational roadmap.

Responsibilities:

• Responsibility for security blueprint solutions for complex protective security for physical and data assets.
• Provision of security leadership to develop and deliver the organisations digital services whilst working with other architects and SME's to lead the design of the solution.
• Presenting security solutions to senior management and architecture governance boards with the ability to communicate and engage with a range of stakeholders.
• Ensuring infrastructure security design remains updated and appropriate elements are phased out, ensuring business continuity at all times.

What we are looking for:

• Experience implementing and developing security solutions and design strategies in a complex environment.
• Ability to undertake analysis of technical designs and provide the organisation with security assurance of supplier proposals and designs.
• Broad working knowledge of infrastructure, cloud, managed service architectures and web applications in a complex environment.
• Detailed understanding of the security implications and appropriate security controls of hosting sensitive information in large scale cloud based cloud infrastructure environments.
• Security industry recognised certifications such as CISSP, CISMP, IOS Standards etc.
• Architecture frameworks and components exposure.

This is an exciting opportunity to join a well-known and highly respected organisation based in the North East with real career development opportunities. Please apply by Friday 13th June to be considered.

Sellick Partnership is proud to be an inclusive and accessible recruitment business and we support applications from candidates of all backgrounds and circumstances. Please note, our advertisements use years' experience, hourly rates, and salary levels purely as a guide and we assess applications based on the experience and skills evidenced on the CV. For information on how your personal details may be used by Sellick Partnership, please review our data processing notice on our website.

The GovPass Programme within the GPA is modernising Access Control Systems across HMG. Delivering a new UK government standard for card encryption improving building security and enabling greater interoperability through its innovative technology.

GovPass is operating across the UK in HMG Estate and in some of the most iconic buildings and departments, with an ambition to expand this further over the coming years.

Client Details

The Government Property Agency is the largest property holder in government, with more than 2.1 billion in property assets and over 55% of the government's office estate.

We are transforming the way the Civil Service works by creating great places to work, leading the largest commercial office programme in the UK, working towards halving carbon emissions from government offices, and achieving greater value for taxpayers. And we are looking for innovative, solutions-focused people to join our team.

Representing the best covenant in the UK - His Majesty's Government - we are leading transformational programmes such as the Government Hubs Programme, Whitehall Campus Programme and Net Zero Programme, as well as delivering modern, cost-effective real estate service solutions.

Innovation and progress are at the heart of our behaviours. We foster a culture of lifelong learning, where curiosity and self-improvement are encouraged. And we're dedicated to becoming a leading, inclusive employer both in the external market and throughout the Civil Service. Our strong emphasis on Equity, Diversity, and Inclusion (EDI) is not just about driving inclusion across our organisation, it is also about ensuring our services meet the needs of government departments and the civil servants who use our spaces.

Join our dynamic and diverse team that leads with purpose, improving sustainability, nurturing social value, driving inclusivity and flexibility, and kickstarting economic growth. We are driven by purpose, and you can be part of it too: where you make a meaningful impact; where you influence; where your voice really matters; where you help to shape our future direction.

Description

The GovPass Programme within the GPA is modernising Access Control Systems across HMG. Delivering a new UK government standard for card encryption improving building security and enabling greater interoperability through its innovative technology.
GovPass is operating across the UK in HMG Estate and in some of the most iconic buildings and departments, with an ambition to expand this further over the coming years.

The Security Architect is a critical role in the GovPass Product Team and will be responsible for designing and developing security for the GovPass Service and Products, maintaining security documentation and developing architecture patterns and security approaches to new technologies. This role involves collaboration with various stakeholders to develop, maintain, and enhance security architectures that support the delivery of public services. The role will support the Product Manager by offering technical solutions and advice to ensure the product remains secure and aligns with business objectives.

Working wider across the GPA, this role will also be pivotal in shaping and influencing cross directorate product management practices and strategies as part of the wider GPA agenda. As the GovPass product stabilises or as the needs of government change over time, there is scope to take on other product related responsibilities in the future.

Responsibilities:

• Recommend security controls and identify solutions that support a business objective
• provide specialist advice and recommend approaches across teams and various stakeholders
• communicate widely with other stakeholders, agencies and National Technical Authorities
• Advise on important security-related technologies and assess the risk associated with proposed changes
• Inspire and influence others to execute security principles
• Help review other people's work
• Recommend a security risk assessment approach and vulnerability analyses recommending mitigation strategies from the results
• Identify areas for improvement within existing security frameworks and recommend enhancements

Profile

Person Specification:

• Strong communication skills, comfortable briefing at a senior level
• Customer focused and organised with an ability to rapidly analyse complex problems and find solutions
• Resilient, adaptable and comfortable working in a fast paced and evolving environment
• Driven and focused to deliver within the public sector
• Collaborative and inclusive ways of working and can build trust across diverse teams and stakeholders
• Working knowledge of security architecture principles and best practices.
• Demonstrable experience in security architecture, risk assessment and incident response

Experience & Technical Skills:

Essential criteria:

• Experience in designing and implementing security solutions, preferably in a government or public sector environment.
• Working knowledge of security standards and frameworks, including Secure by Design, ISO 27001, NIST or similar
• Understanding of security architecture patterns, methodologies, and best practices.
• Strong analytical and problem-solving skills, with a focus on innovation and efficiency.
• Strong communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.

Desirable criteria:

• Knowledge of Automated Access Control Systems

Qualifications and Accreditations

Essential criteria:

• Relevant Security Architecture qualification (e.g., CISSP, CISM or equivalent).
• Demonstrable experience working on technical projects and managing stakeholders.
• Demonstrable experience of working within security standards and frameworks

Desirable criteria:

• Degree in Computer Science, Information Technology, Cyber Security or technical related field.
• Professional Membership (e.g. BCS, CITP) or a willingness to obtain within 12 months of taking up post
• SC Clearance before taking up post (will be required before role can be started) and a willingness to undergo DV if required

Job Offer

• A salary range of 41,055 - 45,155 per annum
• 28.9% Civil Service Pension
• Hybrid working
• Multiple offices: Birmingham, Bristol, Leeds, Manchester, Cardiff, Swindon, Nottingham

Security Architect – 12-Month Fixed-Term Contract
Location: Central Manchester (1 day a week on site)
Contract Type: Fixed-Term (12 months)
Start Date: ASAP

A leading organisation undergoing significant digital transformation is seeking a Security Architect to join on a 12-month fixed-term contract. This is a fantastic opportunity to play a pivotal role in shaping the future of the business’s cyber security strategy and strengthening its overall cyber resilience.

You’ll be at the heart of a multi-year Security & Risk transformation programme, designing and implementing robust, scalable security architectures that span both cloud and on-premise environments. This role is ideal for someone passionate about driving meaningful change and delivering secure, business-aligned solutions within a Microsoft-first environment.

What You’ll Be Doing:

• Leading the design and deployment of end-to-end security architectures using Microsoft Defender, Sentinel, and Identity solutions.
• Aligning security strategy with business goals and digital transformation objectives.
• Providing architectural oversight and mentorship to internal security and project teams.
• Collaborating with a wide range of stakeholders to translate complex business needs into practical and secure technical designs.
• Maintaining clear documentation, roadmaps, and security blueprints to support future scalability.

What We’re Looking For:

• Proven experience in security architecture design and delivery across large, complex environments.
• In-depth knowledge of Microsoft security technologies, including Defender and Sentinel.
• Strong cloud security experience (Azure preferred), with a track record of designing secure, integrated solutions.
• Excellent grasp of security principles including defence-in-depth, zero trust, and secure development lifecycles.
• Strong communication and stakeholder management skills – able to influence at all levels.
• Experience working within structured architectural frameworks and governance models.

Desirable Certifications:

• CISSP, CISM, TOGAF
• Microsoft certifications such as SC-200, AZ-500, SC-100

Security Architect

Permanent

Newcastle upon Tyne

55,000 - 62,000

Hybrid working

Excellent Benefits

Sellick Partnership are delighted to be partnering with our well-known client in the North East to recruit a Security Architect on a permanent basis.

The Security Architect will join a Security Operations team who have accountability for defining security solutions across the organisation as well as service architecture for infrastructure, information and applications to support ongoing IT transformation.

The Security Architect will provide advice to technology teams to ensure project deliverables remain in alignment with the organisational roadmap.

Responsibilities:

• Responsibility for security blueprint solutions for complex protective security for physical and data assets.
• Provision of security leadership to develop and deliver the organisations digital services whilst working with other architects and SME's to lead the design of the solution.
• Presenting security solutions to senior management and architecture governance boards with the ability to communicate and engage with a range of stakeholders.
• Ensuring infrastructure security design remains updated and appropriate elements are phased out, ensuring business continuity at all times.

What we are looking for:

• Experience implementing and developing security solutions and design strategies in a complex environment.
• Ability to undertake analysis of technical designs and provide the organisation with security assurance of supplier proposals and designs.
• Broad working knowledge of infrastructure, cloud, managed service architectures and web applications in a complex environment.
• Detailed understanding of the security implications and appropriate security controls of hosting sensitive information in large scale cloud based cloud infrastructure environments.
• Security industry recognised certifications such as CISSP, CISMP, IOS Standards etc.
• Architecture frameworks and components exposure.

This is an exciting opportunity to join a well-known and highly respected organisation based in the North East with real career development opportunities. Please apply by Friday 13th June to be considered.

Sellick Partnership is proud to be an inclusive and accessible recruitment business and we support applications from candidates of all backgrounds and circumstances. Please note, our advertisements use years' experience, hourly rates, and salary levels purely as a guide and we assess applications based on the experience and skills evidenced on the CV. For information on how your personal details may be used by Sellick Partnership, please review our data processing notice on our website.

• Identify security requirements and integrate controls into product development.
• Conduct risk assessments, threat modeling, and vulnerability analysis.
• Develop and implement risk management strategies using security frameworks.
• Collaborate with development teams to ensure security best practices and secure-by-design principles.
• Identify and mitigate security risks in solution architectures.
• Create security documentation (e.g., RMADS, Security Assurance Documents).
• Support incident response and remediation efforts for security breaches.
• Provide security guidance and training to teams across the organization.

• Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) .
• Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139).
• Proficiency in security threat modeling and risk assessments.
• Knowledge of secure development practices, penetration testing, and vulnerability assessments.
• Ability to communicate security risks and strategies to technical and non-technical stakeholders.
• Experience in incident response and remediation.
• Strong analytical and problem-solving skills.

• Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
• Certifications such as CISSP, CISM, OSCP, GIAC (preferred but not mandatory).
• Must be eligible for SC security clearance.
• Experience working in defense, government, or high-security environments is a plus.
• Knowledge of cloud security architectures (AWS, Azure, GCP) is advantageous.