Overview

Security Architect – Newport

About the job

Job summary

Please note: Applicants should review all aspects of this advert to ensure a thorough understanding. If reviewing via a screen reader, please note that the Job summary, Job description, Person specification, Benefits and Things you need to know sections have been emphasised

Security Architect

The Security Architect works closely with the Chief Security Officer, Head of Cyber, Lead Security Architect and the wider security team to develop an IPO vision for security and evolution of the security strategy and supporting roadmaps.

The role of IPO Security Architect is part of the IPO Secure team at the Intellectual Property Office. Playing a key part in an established team, the individual is responsible for ensuring the continued compliance with key security standards, such as PCI, ISO27001, secure by design, GovAssure etc.

It is essential that this role ensures that security architecture alongside compliance are understood and therefore the role will include championing security by design.

The Security Architect is essential in shaping security solutions and controls across multiple platforms (on-premises, cloud, hybrid) providing oversight, support, and advice to enable technical teams to make security decisions.

They ensure that common tools and patterns are used effectively to deliver secure systems, whilst implementing proportionate controls to enable positive business outcomes thereby safeguarding the IPO’s data, essential services and the supporting infrastructure.

They ensure Secure by Design principles are adopted, and coordinate on assurance against the National Cyber Security Centre’s Cyber Assessment Framework with the Government’s GovAssure framework.

Working Style

This role will be carried out in-line with IPO Hybrid working arrangements where staff are currently expected to spend at least 20% of their time working onsite from one of our offices. This role is based in our Newport Office.

The requirement for attendance at an office location can vary by role so we would encourage candidates to discuss working arrangements with the recruiting manager to agree a reasonable balance between working from home and the office.

Job description

Main duties consist of but are not limited to:

  • Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practise (e.g ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design).
  • Support the secure by design champion in building awareness and understanding of secure by design framework across DDaT.
  • Manage the security architecture compliance roadmap, ensuring activities are organised and planned in with relevant teams in an efficient manner, ensuring it aligns closely with the IPO Secure Team’s strategic direction and any recommendations from audits.
  • Continuously keep up to date with changing compliance legislation and initiatives to assess new opportunities for educating colleagues on relevant security standards.
  • Recommend security controls and identify security solutions that support business objectives.
  • Provide expert security guidance and direction during the design, implementation and use phases of systems, applications and infrastructure.
  • Provide specialist advice and recommendations regarding approaches and technologies across teams and various stakeholders, assessing the risk associated with proposed changes.
  • Inspire and influence others to execute security principles, communicating widely with other stakeholders.
  • Support the GovAssure process by coordinating the collection of evidence, and the submission of GovAssure returns to Cabinet Office.
  • Assist, where necessary, with incident response processes to identify architectural issues and solutions.
  • Proactively engage with internal and external partners, stakeholders and peers to develop your knowledge and inform your decisions.
  • You will be expected to carry out any other duties that may reasonably be required in line with your main duties.

              Person specification

              Essential criteria

              • Broad technical knowledge, especially around cloud and hybrid technologies.
              • Solid understanding of Governance, Compliance and Risk, and the Confidentiality, Availability, and Integrity (CIA) triad.
              • Solid understanding of security protocols, networking, identity management, authentication, authorisation, and cryptography.
              • Excellent communication and interpersonal skills. Ability to interact with stakeholders of all levels to effectively articulate security controls, solutions, and advice. Capable of switching between technical and non-technical language.
              • Capable of evaluating options and making decisions quickly and effectively.
              • A team player who is enthusiastic about contributing to the overall success of the team and collaborating with stakeholders of all levels.
              • Sense of Urgency – ability to address situations, incidents or tasks proactively and promptly.
              • Continually stay abreast of emerging security technologies, threats and trends. Self-motivated to drive their learning needs.

                            How to apply

                            Click the ‘Apply now’ button and complete the application form by providing the following:

                            CV

                            • Upload an anonymised copy of your current CV.
                            • Make sure it clearly shows how you meet the essential criteria listed in the Person Specification.

                            500-word Personal StatementUse this to explain why you’re suitable for the role. Structure your statement around the specific bullet points below, take from the essential criteria:

                            • Solid understanding of Governance, Compliance and Risk, and the Confidentiality, Availability, and Integrity (CIA) triad.
                            • Solid understanding of security protocols, networking, identity management, authentication, authorisation, and cryptography.
                            • Capable of evaluating options and making decisions quickly and effectively.
                            • Continually stay abreast of emerging security technologies, threats and trends. Self-motivated to drive their learning needs.

                              TechnicalProvide a 250-word example that demonstrates your technical ability against the following criteria:

                              • Broad technical knowledge, especially around cloud and hybrid technologies.

                              AI Usage
                              Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

                              For further information on the sift and interview stages of this recruitment campaign, please head to our ‘Things you need to know’ section below.

                              Please visit our Civil Service Careers page – IPO – Recruitment Support , Civil Service Careers (civil-service-careers.gov.uk)

                              If you require job-specific information, please contact Dominic Read.
                              E-mail: dominic.read@ipo.gov.uk
                              Telephone: 01633 433189

                              Behaviours

                              We’ll assess you against these behaviours during the selection process:

                              • Seeing the Big Picture
                              • Making Effective Decisions
                              • Working Together

                              Technical skills

                              We’ll assess you against these technical skills during the selection process:

                              • Broad technical knowledge, especially around cloud and hybrid technologies.

                              Benefits

                              Alongside your salary of £46,262, Intellectual Property Office contributes £13,402 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

                              • Unlimited Pluralsight video learning access
                              • Access to Microsoft’s ESI training suite
                              • Hybrid working with no core hours
                              • Substantial support for career progression
                              • 25 days annual leave moving to 30 days in annual increments
                              • You will also get 8 days public leave and 1 day privilege leave

                              For more information about what’s on offer at the Intellectual Property Office please review our IPO benefit pack attached to the bottom of this advert.

                              Please note that benefits may be subject to change.

                              Things you need to know

                              Selection process details

                              This vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours, Experience and Technical skills.

                              Additional details on security and vetting

                              Successful candidates must pass a disclosure and barring security check and if successful you must also hold, or be willing to obtain, a higher Security Clearance .

                              For meaningful checks to be carried out individuals will need to have lived in the UK for a sufficient period of time, depending on the level of clearance, to enable appropriate checks to be carried out and produce a result which provides the required level of assurance. For this role the successful individual will need to have consistently lived in the UK for a minimum 5 years in order to meet the relevant security clearance.

                              Further information on the vetting process can be found at National security vetting: clearance levels – GOV.UK

                              If you have questions regarding this or are unsure if you meet the eligibility criteria, please contact Recruitment@ipo.gov.uk

                              Stage 1 – Sift
                              An initial sift of applications will be carried out to create a shortlist. This will be based on the evidence provided for the following Success Profile elements:

                              Experience
                              Your CV and your 500-word personal statement will be used to assess your suitability for the role.

                              Technical
                              Your 250-word response will demonstrate your technical skills against the listed Technical criteria.

                              Stage 2Interviews
                              If invited to interview Behaviour, Experience and Technical based questioning will be used.

                              Please note candidates that proceed to the interview stage will be required to deliver a presentation. Details will be provided in the invite to interview information.

                              Specific information regarding the Success Profile elements that will be assessed at interview will be contained within the interview invitation.

                              Interviews for this role will be carried out in person at our Newport Office.

                              Reserve List
                              This recruitment campaign will keep a reserve list for 12 months. If you meet the requirements for this role but aren’t offered after passing the interview, you’ll be placed on the reserve list. If a suitable position opens up during this time, we will reach out to individuals in merit order.

                              Applicants to note:IMPORTANT: CVs sent direct to the IPO will not be accepted.

                              There may be important information contained within the job role profile candidates may also wish to refer to. We recommend candidates download and save a copy of the role profile for reference.

                              This post is being advertised to Internal, Across Government and External candidates at the same time.

                              Incomplete and/or late submissions will not be accepted or considered. Feedback will only be provided if you attend an interview or assessment.

                              We do not routinely reimburse travel expenses for candidates, however if participating in the selection process would cause you undue financial hardship or if it restricts your ability to participate, please contact the recruitment team for more information.

                              In line with Government guidance, successfully appointed candidates will need to provide documents for our Right to Work checks. Information on this will be sent within the invite to interview text.

                              If you require a reasonable adjustment at any stage of the recruitment process, then please let the recruitment team know via; recruitment@ipo.gov.uk

                              For more information on the IPO’s terms and conditions, please review the attached IPO Modernised Terms and Conditions document attached at the bottom of this advert.

                              Feedback will only be provided if you attend an interview or assessment.

                              Security

                              Successful candidates must undergo a criminal record check.

                              Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) .

                              See our vetting charter (opens in a new window) .

                              People working with government assets must complete baseline personnel security standard (opens in new window) checks.

                              Nationality requirements

                              This job is broadly open to the following groups:

                              • UK nationals
                              • nationals of the Republic of Ireland
                              • nationals of Commonwealth countries who have the right to work in the UK
                              • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
                              • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
                              • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
                              • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

                              Further information on nationality requirements (opens in a new window)

                              Working for the Civil Service

                              The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

                              We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles (opens in a new window) .

                              The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

                              The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

                              Diversity and Inclusion

                              The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window) .

                               

                              Before you apply -
                              Register now and turn on alerts for jobs like this!

                              • To apply for this position, receive job notifications and manage your applications, click "Register with Diversity Jobs Group".
                              • To apply for this position without registering, click "Apply with Customer".

                              By registering you agree to our terms and conditions.

                              Apply with Customer

                              IMPORTANT: Before applying for this role, please make sure you have the right to work in the country where the role is based. Unless it clearly stipulates within in the job advert above that the hiring company is looking to or able to sponsor applicants it is deemed that the hiring employer will only consider applications from those able to comply with and work in the country where the role is based.