HM Revenue & Customs
Enterprise Security Architect (Principal Cyber Security Professional)

Enterprise Security Architect (Principal Cybersecurity Professional) – HMRC
About the Role
Discover a fulfilling career at HMRC, where purpose, growth, and belonging drive the workplace. Explore our YouTube channel to hear from employees about their experiences—uncover your potential within one of the most complex digital estates in Europe.
HMRC is recruiting Enterprise Security Architects to shape and govern the security architecture, technology strategy, and tooling critical to its multi-billion-pound hybrid cloud transformation.
This role is based within Security Consultancy Services (SCS), a centre of excellence delivering risk-based security architecture, assurance, and technical leadership across HMRC and wider government, including participation in groups like Women in Tech.
HMRC is committed to diversity and inclusion and actively encourages applications from women and underrepresented groups in cybersecurity and architecture.
Job Summary
As an Enterprise Security Architect, you will provide strategic security leadership across HMRC’s technology landscape. This includes:
- Defining enterprise-wide security principles, reference architectures, roadmaps, and tooling strategies.
- Guiding secure design and delivery of products, platforms, and services through the full lifecycle.
- Influencing cross-government security strategy as an ambassador for HMRC and fostering broader security architecture expertise.
Line management and mentoring may form part of the role.
Security Check (SC) clearance is a mandatory requirement for this position—see full details in Additional Information below.
Candidate Information Webinar
Join our webinar on Tuesday, 30 June 2026 at 2:00 PM to learn more about the role and ask questions. Register your interest here: Candidate Information Session – Enterprise Security Architect.
Key Responsibilities
Enterprise Security Technology Strategy
- Define and govern Zero Trust principles, HMRC standards, and cross-government policy across HMRC’s technology ecosystem.
- Shape a best-practice benchmark for cybersecurity within the UK Government.
Architecture & Design Authority
- Develop and maintain:
  - Security reference architectures, design patterns, baselines, and roadmaps.
  - Technical standards for infrastructure and applications.
- Lead at technical governance boards, providing authoritative guidance with risk-based security insights.
Technology Direction & Tooling
- Guide security technology strategy, including threat intelligence, vendor capabilities, and business risk.
- Create and implement tooling roadmaps to support HMRC’s architectural vision.
Risk-Based Security Leadership
- Offer authoritative security advice, embedding risk mitigation across governance, design, and delivery lifecycles.
Lifecycle Governance
- Ensure aligned, consistent, and compliant security principles are applied through design, deployment, and operation.
Stakeholder & Cross-Government Engagement
- Engage with senior business and technical stakeholders, vendors, and cross-government bodies.
- Represent HMRC in key governance forums, advancing HMRC and the profession.
Capability Development
- Mentor, train, and empower security architecture talent across SCS and the wider organisation.
Innovation & Continuous Improvement
- Evaluate and adopt cutting-edge technologies, methodologies, and architectures to optimise security posture.
Person Specification
Essential Criteria
You will demonstrate:
Enterprise Security Architecture & Strategy
- Proven experience defining and governing enterprise security architecture (including security principles, reference architectures, technical standards, design patterns, and security roadmaps).
- Risk-based security design expertise—covering confidentiality, integrity, availability, resilience, privacy, and non-functional requirements.
Frameworks & Methodologies
- Hands-on application of TOGAF and SABSA in large-scale enterprises.
- Deep understanding of NIST Cybersecurity Framework (CSF) 2.0 and ISO 27000 series.
Technical Security Expertise
- Strategy leadership across at least two of the following domains (since full expertise is not required):
  - Identity & Access Management (IAM) (PAM, SSO, key and secrets management, zero-trust, authentication)
  - Network security (segmentation, WLAN/LAN/WAN, SDWAN, proxy firewalls, DDoS, WAF, NAC/DLP)
  - Integrated security (SAST, DAST, RAST, IAST, SDLC integration, OWASP, APIs, threat modelling)
  - Information protection (key/secrets management, DLP, sensitive data handling)
  - Incident response & breach mitigation (SIEM/SOAR, threat modelling, threat hunting, AI security)
  - Endpoint & device security (EDR/EPP, UEBA, baseline configuration for Windows/Mac, IoT, mobile UC platforms)
  - Cloud-security architecture (CASB, CSPM, CWPP, container, cross-platform zero-trust)
Enterprise Delivery & Influence
- Experience providing security leadership on large-scale programmes, influencing technical and business stakeholders.
- Ability to translate technical risks into actionable decisions for senior leaders.
- Successfully managed multi-vendor and multi-team compliance in complex environments.
- Leadership of cross-functional stakeholder groups, fostering collaboration and advisory guidance.
Desirable Criteria
- Certifications: Recognised credentials such as CISSP, CCSP, CRISC, NIST, or ISO 27001 or vendor-specific certs (e.g., AWS Security, Microsoft Security).
- Chartered membership of a professional cybersecurity body.
Additional Information
Transitional Sites
If your preferred site is one of the following temporary locations, please note:
- Benton Park View, Newcastle (moving to Pilgrims Quarter in the future).
- Telford Plaza, Telford (moving to Parkside Court in the future).
Further details will be disclosed at the job offer stage.
Benefits
- Salary: £71,725 with an additional pension contribution of £20,778 for the Civil Service Defined Benefit Pension Scheme.
- Flexible & Hybrid Working: Balance work-life commitments with tailored arrangements (up to 2 WFH days/week on average).
- Annual Leave: Starts at 25 days, increasing by one day per year up to 30 days.
- Pension: Contributions equivalent to 28.97% of your salary mitigated by you via Alpha Pension Scheme.
- Family-Friendly Policies: Inclusive support for workplace needs.
- Personal & Professional Development: Coaching and mentoring programmes.


Selection Process
- Personal Statement (500 words): Describe how your skills and experience align with the Person Specification and Essential Criteria—reference experiences and domain knowledge.
- Optional Desirable Criteria Statement (250 words): Extra focus on LinkedIn certifications or expertise.
Other key stages include:
- CV Review from technical and functional perspectives.
- Interview: Frames Experience-Based Questions (EBQs) and a Technical Scenario, assessing knowledge depth and problem solving.
- Video link interviews (via Microsoft Teams) are scheduled post-initial shortlisting.
- Sift and Interview: TBA. If long-winded shortlisting occurs, assessment scores may be adjusted upwards.
- National Security Vetting (SC): Mandatory and without bypass (including re-application for period-managing entrants).
- IFD Check: Follow-up on employees dismissed or resigning for fraud.
- No Prior Fraud: Candidates subject to fraud/dishonesty offences within the previous 5 years are ineligible.
Applicant Eligibility & Application Tips
✅ Eligible groups:
- UK/EU nationals, Commonwealth nations, EU Settlement Scheme holders.
- Veterans and candidates with disabilities can apply via the Disability Confident Scheme (DCS).
✅ Guidance chapters: For applicants to HM Revenue and Customs access THN resources. Successful testers must align with Civil Service Commission oath/Code for fairness/merit.
✅ The Recruitment Process Requires:
- Name-blind CV, structured by role duty/achievement summary.
- Technical support: Group access to diagnose apps only.
- Segregation Duties: Security checks are expected (Build HMRC’s Investment).
Terms & Notes
- Roles trained in health, speaking English/Welsh access set standards.
- Part-time prospective concessions:
- Pensions(static salary/mounced salary routine), viewers use expectations for order structure.
- Candidate unreliability under GDPR/Dnatory Chars: Sensible correspondence information from the De Pan buz edge: unitybusinessservicesrecruitmentresults@hmrc.gov.uk.
Contact Information
- Job Contact Email: alum.dsouza@hmrc.gov.uk
- Recruitment Team Email: unitybusinessservicesrecruitmentresults@hmrc.gov.uk
☞ [Download HMRC App](purchase HMRC Node): Access digital saved National Insurance Numbers (Secure Data Authentication (HotelSafe Box).)
Do You Fit? Direct Applications Opens/Closes
This vacancy follows Civil Service Commission plans for posts yielding a Gold Card (full-spectrum data/reservoir enablement).
To learn more, visit: Working for HMRC.