Security Architect – SC Cleared

Duration : 4 months

Position : Security Architect – SC Cleared

Minimum Requirement:

• Act as a subject matter expert to the Local Digital Cyber team as we develop our services (such as Cyber Health Framework) to improve the cyber security posture of local government

• Contribute to building security capability in local government, by researching, identifying, capturing, iterating security architecture patterns and guidance encompassing legacy, on-premise with some cloud and hybrid

• Working with partners such as NCSC and Cabinet Office, provide expert advice to MHCLG to understand and manage the cyber risk to the sector

• Support MHCLG with the response to a local government cyber incident

• Represent the programme and contribute at local government sector working groups and meetings

Skills required

• Communication skills: You have a deep understanding and can apply security concepts to a technical level. You can effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders, and are able to respond to challenge. You can manage stakeholders’ expectations and be flexible, adapting to stakeholders’ reactions to reach consensus.

• Design s • Enabling and informing risk-based decisions: You can make and guide effective decisions on risk, explaining clearly how the decision has been reached. You can make decisions proportionate to the level of technical complexity and risk.

• Research and innovation: You can advise on developments to security approaches in technology. You can identify new technologies and design the use of these in the business context.

• Specific security technology and understanding: You have knowledge of system architectures especially legacy on-premise environments. You can understand and articulate the impact of vulnerabilities on existing and future designs and systems, and can identify how easy or difficult it will be to exploit these vulnerabilities. You have broad knowledge of a range of systems but may specialise in one.

• Understanding the whole context: You understand trends, practices and policies outside your team and how these will impact the work. You understand how your work fits into the broader strategy and historical context. You can consider the patterns and interactions on a larger scale. You can interpret and apply an understanding of policy and process, business architecture, and legal and political implications to assist in the development of technical solutions or controls.

• Analysis. You can visualise, articulate and solve complex problems and concepts, by interrogating and using data or intelligence to formulate and influence plans. You can interpret complex business and technical issues and identify and recognise a viable solution or control. You can understand and link complex and diverse sets of information to inform the response and approach: for example, identifying vulnerabilities and their impact. You can review solutions and identify areas for change. You can drive the collection of information that is used and analysed. You can feed back on policy and requirements. ecure systems: You can design and review secure system architectures through the application of patterns and principles, to meet user needs while managing risks.

Security Clearance: SC Clearance