Rodeo
ResourcesPartnersSign in

HM Revenue & Customs

Enterprise Security Architect (Principal Cyber Security Professional)

Telford
£71.7k/yr
Posted 15 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Enterprise Security Architect (Principal Cybersecurity Professional)

Civil Service Job | HMRC


About The Role

Discover a meaningful career with HM Revenue & Customs (HMRC)—an organisation committed to purpose, growth, and fostering a workplace that rewards a true sense of belonging. Hear from current employees about what it’s like to work at HMRC by visiting our YouTube channel.

HMRC is seeking Enterprise Security Architects (Principal Cybersecurity Professional) to define, govern, and shape the security architecture, technology strategy, and tooling underpinning one of Europe’s most complex digital estates. This leadership role involves:

  • Operating at enterprise scale, influencing security strategy and technical direction across HMRC and government.
  • Supporting a multi-billion-pound transformation in hybrid cloud platforms.
  • Centred within Security Consultancy Services (SCS), a centre of excellence providing risk-based security architecture, assurance, and leadership. Participation in initiatives like Women in Tech is actively encouraged.

HMRC is committed to diversity and inclusion, actively seeking candidates from underrepresented groups to build a stronger, more resilient security architecture capability.


Job Summary

You will provide strategic security architecture leadership across HMRC’s technology landscape, with responsibilities spanning governance, design, risk management, and stakeholder engagement. This role requires authentic expertise and visionary leadership to embed security across the product lifecycle—from strategic planning to final implementation.

Line management and mentoring may also form part of this role.


Security Clearance Requirement: Candidates must hold or be willing to obtain Security Check (SC) clearance. Residency requirements apply (minimum 5 years UK residency for SC level).


Candidate Information Session Register for a session to learn more about the role on Tuesday, 30 June 2026 at 2:00 PM and ask questions directly. Register here.


Person Specification

Key Responsibilities


Enterprise Security Technology Strategy

  • Define and govern enterprise security architecture aligned with Zero Trust principles, HMRC standards, and cross-government policy.
  • Set best-practice benchmarks across the UK government’s security landscape.
  • Develop and communicate a visionary roadmap for modernising security operations.

Architecture & Design Authority

  • Produce and maintain security reference architectures, principles, design patterns, roadmaps, and technical standards.
  • Lead technical governance at architecture boards, ensuring agility while maintaining compliance.

Technology Direction & Tooling

  • Shape security technology strategy based on threat intelligence, vendor capabilities, and business risk exposure.
  • Design and curate roadmaps for tooling, frameworks, and platforms that address evolving cyber threats.

Risk-Based Security Leadership

  • Provide authoritative, risk-based advice for secure delivery of products, platforms, and services.
  • Ensure security measures are multimodal, balancing risk mitigation with business needs.

Lifecycle Governance

  • Govern security architecture and control implementation across the entire delivery lifecycle, ensuring consistency and compliance.

Stakeholder & Cross-Government Engagement

  • Engage senior stakeholders, including business (executives, engineers) and external government collaborators.
  • Represent HMRC at cross-government forums and communities of practice (e.g., security working groups, architecture collaboration platforms).

Capability Development

  • Mentor, develop, and upskill colleagues within Security Consultancy Services (SCS) to enhance HMRC’s broader security maturity.
  • Encourage knowledge-sharing across architecture teams and vendor practitioners.

Innovation & Continuous Improvement

  • Evaluate emerging technologies, methodologies, and future-proofing improvements to HMRC’s security framework.
  • Foster a culture of innovation and collaboration to mitigate security risks adaptively.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.


Essential Criteria

HMRC is seeking applicants with proven experience at enterprise scale, focusing on the following:

  • Proficient in governing enterprise security architecture, including principles, reference models, technical standards, and roadmaps.
  • Strong risk-based security design skills, encompassing confidentiality, integrity, availability, resilience, privacy, and cyber resilience principles.

Frameworks & Methodologies

  • Practical experience applying TOGAF and SABSA frameworks in enterprise environments.
  • Deep knowledge of government and commercial security frameworks, including:
    • NIST CSF v2.0
    • ISO 27000 series
    • Cyber Essentials and Government Secure by Default tools.

Technical Security Expertise

No single candidate is expected to excel in all domains—prioritise strong operating experience across at least two of the following:

  • Identity and Access Management:

    • PAM (Privileged Access Management)
    • SSO (Single Sign-On)
    • Key and Secrets Management
    • Zero Trust principles and JML/Attestation
    • RBAC and conditions of authorisation
  • Secure Networking and Fabric Design:

    • Designed segmentation, secure WLAN/LAN/WAN/SD-WAN implementations.
    • Hybrid Cloud models
    • Zero Trust and SASE architectures
    • VPN, Firewalls, IPS, DDoS Protection, Next-Gen WAF, DNS, NAC
  • CI/CD & Application Security:

    • Experience with SAST/DAST/RAST/IAST and integrating security controls in the Software Development Life Cycle (SDLC).
    • Deep understanding of OWASP Top 10 and regulatory-aware API security design patterns.
    • Proficient in threat modelling and containerised security implementation.
  • Data and Information Protection:

    • Applied tools for data loss prevention (DLP), key management, and protective marking/classification schemes.
  • Cyber Resilience and Response:

    • Hands-on experience in incident response management, vulnerability scanning, SIEM/SOAR platforms, and threat analytics/htting.
    • Applied AI-based security tools for anti-phishing resistance and proactive threat intelligence.
    • Contributing to phishing and cybersecurity campaigns, including tactical deception.
  • Endpoint & Device Security:

    • Configured and assessed endpoint technologies across:
      • Workstations, servers, IoT devices
      • Microsoft Windows (W10, W11) ecosystems
      • UEBA, EDR, EPP
      • Models for overview, ceasing uncovered or insecure devices.
  • Cloud & Multi-Platform Security:

    • Developed reference designs for hybrid cloud platforms (AWS, Azure: IaaS, PaaS, SaaS, FaaS).
    • Expertise in containerization (Kubernetes, Docker) and critical security functions:
      • CSPM/CWPP
      • 2FA, Security Baselines

Enterprise Delivery & Influence

  • Historical evidence of providing authoritative security guidance during large-scale eng potenza makes, multi-million-pound programmes, or complex digital transformations.

  • Leading security operations through agile/DevSecOps environments with clarity and risk awareness.

  • Engaging & influencing senior executives on governance policies, technical debt assessments, or compliance initiatives.

  • Navigating fractured deliverable environments with multi-supplier/multi-stakeholder collaboration.

  • Skills translatable across stakeholder sectors—delegation, mentoring, conflict resolution, and managing governance scope.


Desirable Criteria

  • Awarded chartered professional certification (CISSP, CCSP, CISA, ISO 27001, NIST, CRISC).
  • Vendor expertise (e.g., Microsoft, AWS) or specialisation in blockchain security/digital assets.
  • Membership in and active contribution to a recognised cybersecurity professional organisation.

Working Arrangements

Through flexible and hybrid working, colleagues are expected to:

  • Spend 60% of their time in the office, with an option for:
    • Up to 2 days remote work/a month, provided the role allows and workspaces are conducive.

--- família-focused policies included:

  • 25+ days of annual leave, incrementing with years of tenure (maximum 30 days).
  • Respectful policies for parents, carers, and family flexibility arrangements.
  • Adaptive personal support measures offered at pivotal milestones.
  • Access to coaching and development programmes.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Selection Process

1. Application Considerations

Complete a submission on the Civil Service portal with:

  • Name-blind CV (Highlight job history, skills/experience, with 300-word bullet-point reflection).

  • Personal Statement (500 words)—Align your background to the Person Specification.

    • Include summary of how you may best satisfy the role's Essential Criteria.
  • Optional Stipulation of Desirables (250 words max)—what additional senior recognition or credentials you hold.

  • Technical Challenge—A future section will be live to provide practical assessment on technical readiness (details with interview invitation).

2. Initial Sift

Applications will undergo several triages, followed by further cutoffs based on:

  • Quality of skills/experience assessment.
  • Compliance with mandatory criteria (e.g., Security SC clearanceing schedule).

3. Video Interview

Preliminary stage assesses skills, agency, and role-specific influencers. Anticipate:

  • Interview format combining experience-based and scenario-focused assessment on technical security knowledge.
  • Sharing/specifying specific architecture experience (successes/failures).

Perspective invitees will receive an email detailing the technical scenario by-around 2 weeks prior.

Scheduled sessions hosted remotely via Microsoft Teams.


Eligibility

Ensure accuracy when declaring:

  • Civil Servant entities
  • Nationality requirements are strict (please verify list of eligible nations).

Critical Rule: The application deadline must be respected, and corrections handled prior, not postwarments. Seek immediately if in doubt.


Additional Support

Reasonable Adjustments

Allach candidates can update their HMRC application profile to request:

  • Accessibility accommodations for interview stages.
  • Clarifications would be promptly arraigned—reach out to:
    • unitybusinessservicesrecruitmentresults@hmrc.gov.uk

Transitional Work Locations

HMRC currently scales operations at several office hubs. In these sites, relocation is planned post-2023 strategic shift. Appointments will evaluate conditional stability during transitions until notified. Specific transitional offices:

  • Newcastle, Tyne View/Pilgrims Quadrant (Newcastle).
  • Parkside Court (Telford).

Reserve List & Nationality Policies

On merit-based selection, a reserve list is maintained. Based eligibility stretches equal representation initiatives with alignment with role mandates.

Applications using AI (LLM tools) principals prevail, required adherence is uncovered upon application adjudication (for accuracy and compliance with transparency policies).


Technical Support

  • App/Gov.UK availability optimization links accessible for recruitment challenges.
  • Technical questions to:

Civil Service Recruiting Team: → unitybusinessservicesrecruitmentresults@hmrc.gov.uk → Contact: Clive D.", crd" [HMRC] clive.dsouza@hmrc.gov.uk


Expected Qualifications for Applicants

Security Clearance & Asset Handling

All selected appinters mandated undergo a security-level check (SC).

  • Criminal records are a criterion. HMRC admits denominators assessed in accordance with their Disclosure and Barring Service (DBS) protocol policies.

Transparency & Codes

Acting within declaring requirements:

  • HMRC adheres Civil Service Code, promoting integrity and fair competition principles.
  • Application review conforms to customer Commission Recruitment Principles, ejusда المعرفة
  • Right of appeal concerns not upheld by candidate for excluding Cuith reasoning provided.

Terms est Secondaire two Asso

This online application for HMRC is active platforms for certification of appointments.

Additional resources:

  • Working at HMRC
  • Representation for Special Needs

Feedback Policy

Success decisions are available (appeals are registered once interviews have attended).


Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Security Architecture
Risk-Based Security Design
TOGAF
SABSA
NIST CSF 2.0
ISO 27000
PAM
SSO
Identity Governance
Hybrid Cloud Models
Incident Response
Vulnerability Management
Data Loss Prevention
Threat Modelling
Cloud Security
Technical Leadership

Location

Telford, England, United Kingdom

Sign up to applySee more jobs like this