Security Architect

Security Architect

Newport - 4 days per week onsite
6 month contract initially
£85 per hour umbrella (inside IR35)
35 hours per week - 4 days onsite and Fridays offsite

Please note active SC clearance is required and applicants must be SOLE British nationals

Join a high-profile defence programme where your expertise as a Security Architect will directly shape the protection of national security systems and platforms. This is a hands-on role for an architect who thrives in complex, high-assurance environments, working alongside government security authorities and engineering teams to deliver robust, secure solutions.

Responsibilities
Design, develop, and maintain secure system architectures for MOD platforms, applications, and networks
Ensure alignment with relevant standards and frameworks including NIST SP 800-53, ISO 27001, JSP 440, DEF STAN 05-138, and NCSC guidance
Produce and maintain security documentation including Security Architecture Documents, Security Risk Assessments and Security Management Plans
Lead and support secure design reviews and contribute to engineering assurance gates
Liaise with security stakeholders (MOD, NCSC etc.), Information Assurance teams, and other stakeholders to support security assurance processes
Collaborate with engineering and development teams to ensure security requirements are met from the outset
Keep up to date of evolving threat landscapes and propose mitigations aligned with system requirements

Skill Set

Essential
Proven experience in cyber security architecture within a defence, aerospace, or critical national infrastructure environment
Strong knowledge of MOD security requirements (eg JSP 440, JSP 604, DEF STANs)
Good working knowledge and experience of Secure by Design
A robust background in security architectures, process and both industry and government compliances (eg ISO 27001, CE/CE+)
Solid understanding of systems engineering principles and secure development life cycles
Experience developing artefacts to support MOD security assurance
Hands-on knowledge of risk management frameworks (eg HMG IS1/IS2, NIST RMF)
Excellent communication skills, both written and verbal - able to present to technical and non-technical stakeholders

Certifications
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
SABSA, TOGAF or equivalent architecture certifications