Ofgem
Principal Security Architect

Principal Security Architect The Office of Gas and Electricity Markets (Ofgem) – Cardiff, Glasgow or London (preference for applicants from Cardiff & Glasgow)
Successful candidates may apply regardless of location, with preference given to those based in Cardiff or Glasgow.
About the Role
Ofgem undertakes critical work protecting UK energy consumers and enabling a sustainable, secure, and fair energy transition. As digital and technology capabilities evolve, cyber security must be embedded at every layer of design, delivery, and operation.
You’ll lead a pivotal Principal Security Architect (Enterprise Architecture) role within the Digital, Data and Security Services (DDSS) directorate. Your work will shape Ofgem’s strategy for secure digital transformation by integrating best practice across:
- Enterprise security architecture
- Secure-by-design principles
- Azure-based ecosystems and complex hybrid cloud environments
- Compliance with UK government standards and NCSC guidelines
This senior, strategic role demands a balance of technical expertise and cross-organisational leadership to drive a culture of resilience and innovation in regulatory tech.
Responsibilities
Your primary duties include:
- Strategic Direction & Framework Design
  - Set the enterprise-wide vision for secure design, establishing frameworks, principles, and reusable architectural patterns to ensure consistency and resilience.
  - Shape Ofgem’s approaches to governance, compliance, and risk management in the wake of digital transformation.
- Leadership on Security Architecture
  - Serve as the senior authority for security architecture, providing expert guidance on high-risk systems and leading assurance reviews for major programmes.
  - Champion secure development lifecycle practices, including threat modelling, code analysis, and resilience testing.
- Aligned with Government & NCSC Standards
  - Prioritise government security frameworks (CSP, NCSC) and embed methodologies into decision-making.
  - Drive assurance processes, balancing technical feasibility, risk, and business objectives.
- Stakeholder Influence & Strategic Alignment
  - Build stakeholder credibility across technical, security, and executive audiences to shape secure-by-design outcomes.
  - Collaborate with CTO, leadership, and senior teams to deliver agile, resilient solutions at scale.
- Innovation & Process Improvement
  - Evaluate and adopt new tools and methodologies (e.g., automation for detection/response) to enhance security effectiveness.
  - Establish and lead governance processes, including dn and forum assurance forums for enterprise projects.
- Organisational Development
  - Nurture security architecture capability by mentoring architects and supporting the Government Security Profession.
Requirements
Essential Skills & Experience
- Certification:
  - Chartered via the UK Security Chartered (CSC) or CISSP certification, or equivalent professional qualification.
- Technical Expertise:
  - Deep knowledge of IT infrastructure (cloud/hybrid environments, particularly Azure), software development, and secure architecture compliance.
  - Risk & resilience expertise: pragmatic approach to assessing risks related to sensitive systems, partnership with stakeholders to align on shared threat landscapes.
- Strategic Leadership:
  - Proven experience managing strategic plans, tracking delivery against risk mitigation targets.
  - Experience negotiating third-party contracts and embedding security into commercial terms.
- Influence & Communication:
  - Ability to disrupt entrenched practices; analyse décenter jeopardising national/regulatory security and present clear, actionable recommendations.
Desirable Attributes (Bonus)
- Experience defining and gaining approval for security strategies aligned with evolving threats.
- Incident analysis and response in complex enterprise security settings.
- Experience developing business cases for change regarding secure design investment.
Offer: Work-Life Balance & Reward
- Salary: £63,443, with an additional £18,379 Civil Service defined benefit pension contribution.
- Pension: Valuable benefits including healthcare and post-retirement support.
- Flexibility:
- Hybrid working (1 day/week in-office; evolving policy).
- Family-friendly policies (including seasonal flexible leave).
- Lifestyle:
- Clean, modern offices in Cardiff, Glasgow, or London.
- Net Zero 2050: Engaged teams contributing to ambitious sustainability targets.
- Fees-based networking and leadership development opportunities.


Sorry, Apply Before Going Further
Before submitting, note fraud prevention measures. Ofgem reserves the right to withdraw applications if examples used in your application (including AI-generated content):
- Misrepresent your experience, or
- Negotiate fabricated technical or leadership achievements.
For candidate guidance, see the Civil Service AI-Driven Career Pathway (Section 6).
Security & Eligibility
- Criminal Record Check Required.
- Developed Vetting Clearance (including Baseline Personnel Security Standard – BPSS checks).
- Vetting Charter: Full details at the Government Security Vetting website.
Diversity & Inclusion
- Open to:
- EU/Schengen nationals and families with pre-settled status via EUSS.
- Candidates with substantive unspent convictions with civil sector background.
Disability Support Options
All Ofgem vacancies undergo the Disability Confident Scheme for Civil Service Hire, ensuring accommodations are provided should you need them.
For further enquiries or to join the Process Selection Team, contact:
Certain Answers Outside This Ad Will Not Be Held.
Ready to Apply? Salary Range: £63,443 + pension benefits.
Minority Representation: Ofgem commits to hire from talent pipelines in Wales, Scotland, and the North of England. Concerned?
Written by Ofgem’s Recruitment Team —— Contact: recruitment@ofgem.gov.uk Amber Shankland Ofgem.org.uk/joinus