Public Sector Resourcing
Lead Security Architect

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
On behalf of HS2, we are looking for a Lead Security Architect (Inside IR35) for a 6 Month hybrid contract up to 3 days per week based in Birmingham.
Job purpose
The Lead Security Architect is responsible for leading the development of security architecture and processes to embed the strategic application of security-related change across HS2’s systems and solutions.
The role owns the security domain architecture and oversees the design of HS2 security systems, setting appropriate design guardrails, standards, and policies to guide the development and implementation of products and platforms across HS2.
Role of Directorate and Capability
IT sits within the CFO Directorate, playing an essential role in daily operations and success of the programme. The department provides technical leadership, advisory and delivery of IT services across HS2 Ltd, enabling the delivery of HS2’s mission.
Accountabilities/Responsibilities
- Develop and implement enterprise-wide security architecture policies, patterns, processes and guardrails to embed the strategic application of change to ensure resilience of HS2-wide systems and solutions.
- Establish and manage the Security Architecture practice and capabilities across HS2, leading knowledge sharing and skills development efforts and driving consistency across HS2
- Oversee the design of HS2 security systems, setting appropriate design guardrails, standards, and policies, balancing functional and non-functional requirements, and managing associated risks.
- Set strategies, policies, standards and practices to ensure compliance and alignment between business strategies, technology strategies, and security activities.
- Lead definition and continued maturity of Security Architecture frameworks which aligns to wider enterprise-wide architecture.
- Capture and prioritise market and environmental trends that impact security, identifying business benefits of alternative security strategies.
- Support the development of HS2 IT’s information security strategy, ensuring that it aligns with wider Enterprise Architecture standards and HS2 IT objectives.
- Build strategic relationships with external stakeholders to understand security requirements and pain-points.
- Support the development of wider security roadmaps that provide proactive capabilities which enable business objectives.
- Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Skills:
- Security and Enterprise-wide architecture. Ability to develop a security architecture and support the development of a future state architecture aligned to strategy. Ability to support the translation of business drivers, goals and constraints into business objectives
- Governance and assurance. Ability to evolve and define governance and take responsibility for working with other stakeholders across HS2’s wider governance structure. Assure standards, guardrails and principles to effectively govern delivery
- Problem definition and shaping. Ability to define security-related strategies and policies, providing guidance to others on working within a strategic context.
- Agile working. Ability to coach and lead teams in Agile and Lean practices
- Stakeholder communication. Ability to communicate with stakeholders at all levels and manage stakeholder expectations
- Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques
Knowledge:
- Knowledge of IT Security Frameworks, methodologies, and best practice / guidance such as NCSC standards
- Secure by Design Principles
- Familiarity with ISO 27001 and Cyber Essentials Plus
- Knowledge of agile methods and their implications for Security Architecture
- Knowledge of architecture principles, patterns, and their application within an organisation


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Type of Experience:
- Experience across industry frameworks and best practices (E.g., NCSC CAF, CIS CSC, etc.)
- Experience of supporting design for complex solutions including risks and remedies
- Experience of overseeing high-level designs for major solutions, managing design requirements, and maintaining an audit trial for a design control process
- Experience of defining complex technical models and communicating technical models clearly to stakeholders at all levels.
- Experience of successfully applying Security Architecture methods and approaches to complex scenarios.
- Experience working in a multi-vendor environment.
- Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems
Please be aware that this role can only be worked within the UK and not Overseas.
Disability Confident
As a member of the Disability Confident Scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply.
In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills