Security Architect Data Services and Analytics (DSA) - HO - SEO

The Digital Data and Technology (DDaT) profession enable the Home Office to keep the UK safe and secure. They do this by designing, building, and running the services that help people apply for visas or passports, support policing and counter-terrorism operations, and protect the UK’s borders.   

Data Services and Analytics (DSA) consist of technical and non-technical professionals from a wide variety of backgrounds, we are the hub of data expertise within the department. We support our teams with structured learning, both formal and on-the-job, mentoring and feedback. We embrace diversity and inclusion to ensure we represent the public we serve, and we are passionate about fair treatment and the wellbeing of our colleagues as part of our ambitions to be a brilliant Civil Service. By joining Data Services and Analytics now, you can help drive forward our aim to become recognised as the leading provider of data insight services in Government. 

Team members have specialised knowledge and a calling to build on it. We want the best people to come to the Home Office and work in the diverse roles and communities they’re passionate about. This is how we produce exceptional outcomes.  

Due to business requirements this post is available on a full time/flexible working basis. Where business needs allow, some roles may be suitable for a combination of office and home-based working. Where this is the case, employees will be expected to spend a minimum of 60% of their working time in the office. Applicants can raise any queries to the email address at the bottom of the advert.   

We value diversity and inclusion and welcome applications from the widest diversity of backgrounds, cultures, and experiences. We particularly encourage applications from women, people with disabilities and LGBT+ as they are currently under-represented in the Home Office at this grade level. Appointments will be made on merit based on fair and open competition. 

Job description

Security Architects advise and enable technical teams to make security decisions and provide advice and guidance, ensuring the effective use of common tools and patterns. 

As a Security Architect you will create and design security for a system or service, maintain security documentation and develop architecture patterns and security approaches to new technologies. 

You will have a proactive responsibility to deliver secure systems and implement proportionate controls to enable business outcomes. 

You will be able to build effective partnerships with diverse teams across multiple locations and technologies, and you will be able to effectively communicate security and risk implications across technical and non-technical stakeholders. 

Your main day to day responsibilities will be: 

• Advising on security considerations for a system or service, maintaining security documentation and developing architecture patterns and security approaches to new technologies. 
• Analysing the current environment to detect critical security deficiencies and ensuring fixes are implemented in line with policies. 
• Maintaining awareness of developments in the security and technology industry to ensure that the technology landscape is kept secure in line with industry standard. 
• Recommending security controls and identifying solutions that support a business objective. 
• Providing specialist advice and recommending approaches across teams (including Engineering, DevOps and Architecture) to formulate solution and conceptual architecture, advising on key security related technologies and assessing the risk associated with proposed changes. 
• Inspiring and influencing others to execute security standards, policies and principles. 

Person specification

Essential skills 

You’ll have a demonstrable passion for Security Architecture, with the following skills or some experience in: 

• Designing secure system architectures through the application of patterns and principles, to meet user needs whilst managing risks. 
• Making and guiding effective decisions on risk, based on information assurance risk assessment methodology, explaining clearly how the decision has been reached. 
• Applying security concepts to a technical level, working with security tools, network security infrastructure technologies, and Information Security Management frameworks (e.g. ISO 21001, CoBIT and SOX). 
• Understanding NCSC information security guidance and architecture patterns. 
• Understanding architecture methodology e.g. SABSA, TOGAF. 
• Scoping and working with penetration testing. 

The essential skills listed above are reflective of the Home Office Government Digital and Data Profession Career Framework (based on the industry standard SFIA framework- Use the levels of responsibility to understand what would be expected for each technical skill listed). Please see below for the relevant skills for your role: 

• Strategy and Planning 

o Strategic Planning (ITSP) – Level 3 

o Innovation (INOV) – Level 3 

o Enterprise and Business Architecture (STPL) – Level 3 

o Solution Architecture (ARCH) – Level 3 

• Advice & Guidance 

o Consultancy (CNSL) – Level 3 

o Specialist Advice (TECH) – Level 3

Technical skills

We'll assess you against these technical skills during the selection process:

• Strategic Planning (ITSP) – Level 3
• Innovation (INOV) – Level 3
• Enterprise and Business Architecture (STPL) – Level 3
• Solution Architecture (ARCH) – Level 3 · Advice & Guidance
• Consultancy (CNSL) – Level 3
• Specialist Advice (TECH) – Level 3