Lead Security Architect
Lead Security Architect
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Do you want to help shape the future of secure digital public services in Scotland
The Scottish Governments digital strategy A Changing Nation: How Scotland Will Thrive in a Digital World sets out specific actions for transforming government aligned to the National Performance Framework. Of most relevance to this role is the aim to build a suite of common platforms to be adopted across the public sector.
This role sits within the Digital Components & Infrastructure Division part of the Scottish Governments Digital Directorate. The division brings together three key programmes Digital Identity SG Payments and the SG Cloud Platformfocused on achieving this strategic outcome. All three are aligned with the 2021 Digital Strategys commitment to developing common platforms and component technologies to improve efficiency in the delivery of public services across Scotlands public sector.
As a divisional role this post will initially be part of a multidisciplinary SG Cloud Platform Service team working to transform how the Scottish Government facilitates cloud hosting across the Scottish public sector and the Digital Identity team providing people with a secure and simple way to access public services online. Both services are central to the wider common platforms objective outlined in the Digital Strategy. They play a key role in ensuring that valuable public services are delivered securely efficiently and accessibly.
In addition to supporting the development and operation of these platforms as Lead Security Architect you will contribute to the wider divisions efforts and help promote the adoption of common platforms across the Scottish public sector. Working at scale and with a wide variety of public service users our work is technically complex varied and rewardingoffering a real sense of pride in making a positive tangible difference in peoples lives.
Responsibilities
- Lead the SG Cloud Platform Service and other platforms within the division security architecture (including SABSA and NIST CSF).
- Own and maintain security vision strategy and baseline standards.
- Evaluate security risks and lead architectural decisions balancing business needs.
- Act as the escalation point for all security architecture matters.
- Support secure practices and toolchains.
- Influence stakeholders and advise on security across the division.
- Contribute to service decision making forums design authorities and crossgovernment security communities.
- Support assurance processes and digital service assessments.
- May line manage Security Architects Engineers and/or Analysts.
Responsibilities
Success Profile
Technical / Professional Skills:
We will assess you against the following technical skills during the selection process:
- Applied security capability Practitioner
- Design secure systems Practitioner
- Enabling and informing riskbased decisions Practitioner
- Information risk assessment and risk management Practitioner
- Protective security Working
- Research and innovation Practitioner
- Security architecture Practitioner
- Specific security technology and understanding Expert
- Threat understanding Working
- Understanding security implications of transformation Practitioner
This role is aligned to the Security Architect within the Cyber Security and Information Assurance job family.
You can find out more about the skills required here.
Experience:
- Understand security implications of digital transformation; challenge and lead changes to policy and processes to support business outcomes business architecture and legal and political implications with associated experience in designing secure solutions using industry standard tools and techniques.
- Demonstrate a deep understanding of security concepts and can apply them to a technical level and effectively translate and accurately communicate security and risk implications to technical and nontechnical stakeholders.
- Experience of both assuring 3rd party architecture designs ensuring adherence to agreed policies standards and design patterns and also assuring project outputs against agreed architectural design.
- Experience of implementing technical security controls and standards in a variety of modern cloud applications using autonomic infrastructure including Amazon Web Services and/or Azure environments. Standards should ideally include ISO 27001 NCSC CAF OWASP ASVS and CIS Benchmark.
Behaviours:
- Making Effective Decisions (Level 4)
- Working Together (Level 4)
You can find out more about Success Profiles Behaviours here.
How to apply
Apply online providing a CV and Supporting Statement (of no more than 750 words) which provides evidence of how you meet each of the 4 Experience criteria listed in the Success Profile above.
Candidates will have their applications assessed against all Experience criteria.
If invited for further assessment this will consist of an interview and DDaT Technical assessment where the behaviours experiences and technical skills outlined in the Success Profile will be assessed.
The sift is scheduled for w/c 19/05/2025.
Interviews and DDaT Technical assessments are scheduled for w/c 26/05/2025 however these may be subject to change.
Qualifications
The Scottish Government is the devolved government for Scotland. We have responsibility for a wide range of key policy areas including: education health the economy justice housing and transport. We offer rewarding careers and employ people across Scotland in a wide range of professions and roles.
Our staff are part of theUK Civil Service working for Ministers and senior stakeholders to deliver vital public services which improve the lives of the people of Scotland.
We offer a supportive and inclusive working environment along with a wide range of employee benefits. Find out more aboutwhat we offer.
As part of the UK Civil Service we uphold theCivil Service Nationality Rules.
DDaT Pay Supplement
This post is part of the Scottish Government Digital Data and Technology (DDAT) profession as a member of the profession you will join the professional development system. This post currently attracts a 5000.00 annual DDAT pay supplement applicable after a 3month competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are reviewed regularly and there is one currently underway. Changes will be communicated when the review is concluded.
Working Pattern
Our standard hours are 35 hours per week we offer a truly flexible working including fulltime parttime flexitime and compressed hours meaning you could work your full hours while working less than 5 days per week.
We embrace a hybrid working style meeting in person when it is useful to do so where all colleagues will spend time in Victoria Quay Edinburgh Saughton House Edinburgh or 5 Atlantic Quay Glasgow.
If you have specific questions about the role you are applying for please contact
Equality Statement
We are committed to equality and inclusion and we aim to recruit a diverse workforce that reflects the population of our nation.
Find out more about our commitment todiversityand how we offer and supportrecruitment adjustmentsfor anyone who needs them.
This content is to be included on all vacancies.
Further information
Find out more about our organisation what we offer staff members and how to apply on ourCareers Website.
Apply before: 18th May (23:59)
Employment Type
Full-Time
