£46,262 - £56,996 above base includes additional allowance
Published on

Full-time (Permanent) £46,262 - £56,996 above base includes additional allowance
Published on 17 September 2025 Deadline 29 September 2025

Location

Newport

About the job

Job summary

Please note:Applicants should review all aspects of this advert to ensure a thorough understanding. If reviewing via a screen reader, please note that the Job summary, Job description, Person specification, Benefits and Things you need to know sections have been emphasised

Security Architect

The Security Architectworks closely with the Chief Security Officer, Head of Cyber, Lead Security Architect and the wider security team to develop an IPO vision for security and evolution of the security strategy and supporting roadmaps.

The role of IPO Security Architect is part of the IPO Secure team at the Intellectual Property Office. Playing a key part in an established team, the individual is responsible for ensuring the continued compliance with key security standards, such as PCI, ISO27001, secure by design, GovAssure etc.

It is essential that this role ensures that security architecture alongside compliance are understood and therefore the role will include championing security by design.

The Security Architect is essential in shaping security solutions and controls across multiple platforms (on-premises, cloud, hybrid) providing oversight, support, and advice to enable technical teams to make security decisions.

They ensure that common tools and patterns are used effectively to deliver secure systems, whilst implementing proportionate controls to enable positive business outcomes thereby safeguarding the IPO’s data, essential services and the supporting infrastructure.

They ensure Secure by Design principles are adopted, and coordinate on assurance against the National Cyber Security Centre’s Cyber Assessment Framework with the Government’s GovAssure framework.

Working Style

This role will be carried out in-line with IPO Hybrid working arrangements where staff are currently expected to spend at least 20% of their time working onsite from one of our offices. This role is based in our Newport Office.

The requirement for attendance at an office location can vary by role so we would encourage candidates to discuss working arrangements with the recruiting manager to agree a reasonable balance between working from home and the office.

Main duties consist of but are not limited to:

• Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practise (e.g ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design).
• Support the secure by design champion in building awareness and understanding of secure by design framework across DDaT.
• Manage the security architecture compliance roadmap, ensuring activities are organised and planned in with relevant teams in an efficient manner, ensuring it aligns closely with the IPO Secure Team’s strategic direction and any recommendations from audits.
• Continuously keep up to date with changing compliance legislation and initiatives to assess new opportunities for educating colleagues on relevant security standards.
• Recommend security controls and identify security solutions that support business objectives.
• Provide expert security guidance and direction during the design, implementation and use phases of systems, applications and infrastructure.
• Provide specialist advice and recommendations regarding approaches and technologies across teams and various stakeholders, assessing the risk associated with proposed changes.
• Inspire and influence others to execute security principles, communicating widely with other stakeholders.
• Support the GovAssure process by coordinating the collection of evidence, and the submission of GovAssure returns to Cabinet Office.
• Assist, where necessary, with incident response processes to identify architectural issues and solutions.
• Proactively engage with internal and external partners, stakeholders and peers to develop your knowledge and inform your decisions.
• You will be expected to carry out any other duties that may reasonably be required in line with your main duties.

Person specification

• Broad technical knowledge, especially around cloud and hybrid technologies.
• Solid understanding of Governance, Compliance and Risk, and the Confidentiality, Availability, and Integrity (CIA) triad.
• Solid understanding of security protocols, networking, identity management, authentication, authorisation, and cryptography.
• Excellent communication and interpersonal skills. Ability to interact with stakeholders of all levels to effectively articulate security controls, solutions, and advice. Capable of switching between technical and non-technical language.
• Capable of evaluating options and making decisions quickly and effectively.
• A team player who is enthusiastic about contributing to the overall success of the team and collaborating with stakeholders of all levels.
• Sense of Urgency – ability to address situations, incidents or tasks proactively and promptly.
• Continually stay abreast of emerging security technologies, threats and trends. Self-motivated to drive their learning needs.