Security Architect

Overview

Security Architect | Hybrid Working with Glasgow or Dundee Base Location | £57141 - £71243 + £5,000 DDaT Pay Supplement after 3 month qualifying period | Full or Part Time Hours | Flexi- time | 25 Days annual leave (increasing to 30 after 4 years’ service) plus 11.5 Public and Privilege| Contributory Pension Scheme (employee contributions 7.35% employer contributions 28.97%)|

 

Are you looking for a job where you can make a real difference to the people of Scotland?Would you enjoy playing a key role in designing the security for the delivery of Social Security Benefits in Scotland? Would you like to work with a multi-disciplinary team to support the secure delivery of the complex digital programme which underpins the most significant new public service to be created in Scotland since devolution? If so, then our Security Architect role may be the perfect opportunity for you to develop your career while also helping people in these challenging times.Social Security Scotland, an Executive Agency of the Scottish Government, is the largest and most complex IT and digital change programme since devolution. With a lifetime budget of over £300m, delivering a social security system that will support the people of Scotland for decades to come. Due to the demands of this exciting programme of work, the Agency is currently experiencing rapid growth and we require more incredible digital, security and technology experts to join us.

 The Security Architect is based in the Digital Risk & Security (DRS) Branch of the Chief Digital Office. The DRS Branch is responsible for managing and protecting the security of the Social Security Scotland, ensuring that all operations, data, resources within the agency are safeguarded against potential threats. This includes the implementation and enforcement of robust security measures, continuous monitoring, and ensuring compliance with public sector standards. The security architect is responsible for designing and managing the organisation’s security architecture, with an emphasis on AWS cloud security. Designing secure AWS architecture patterns, conducing security assessments, ensuring compliance, and integrating security best practices into all development and deployment processes. This role is critical in applying security by design principles to protecting the organisation’s data and infrastructure from potential threat.   What Do We Offer You?

We offer meaningful and engaging careers, a collaborative culture, and support for your career goals, all while nurturing a healthy work-life balance.  We provide an employment package that attracts, develops, and retains only the best talent. We provide an employment package that attracts, develops, and retains only the best talent.

• C1 - Salary between £57141 - £71243 plus a £5000 annual Digital, Data and Technology (DDaT) pay supplement after a 3 month qualifying period. This supplement is backdated and paid with your monthly salary.
• Flexible working arrangements with potential of up to 4 days off per month.
• You will have an annual leave allowance of 5 weeks, rising to 6 weeks after 4 years. In addition, the Scottish Government observes 11½ days public and privilege holidays, dates of which are set annually.
• Workplace adjustments for everyone that needs them to ensure your comfort and safety in your new role.
• Learning and development opportunities to support your personal and professional growth.
• Career progression – join a rapidly growing and developing organisation with excellent opportunities for career advancement.
• Contributory Pension Scheme (employee contributions 7.35% employer contributions 28.97%).
• Health and wellbeing support including 24 hour access to our Employee Assistance Programme, plus counselling support available for all. 
• Discounts on gym memberships and retail outlets. 

DDaT Pay Supplement

This post attracts a £5,000 DDaT pay supplement after a 3 months DDaT competency qualifying period. The payment will be backdated to your start date in the role. Pay supplements are temporary payments designed to address recruitment and retention issues caused by market pressures and are subject to regular review. This post is part of the Scottish Government DDaT profession. As a member of the profession, you will join the professional development scheme, currently BCS RoleModel plus. 

 

Hybrid Working 

We embrace a hybrid working style where all colleagues will spend time in either our Glasgow or Dundee offices. There is an expectation of a minimum of 2 days per week in your assigned location.  Base office location can be in either Dundee or Glasgow.

 

About Us 

Social Security Scotland is an Executive Agency of the Scottish Government. Our benefits help people from all walks of life in Scotland. We are committed to recruiting a diverse workforce that is representative of the clients we serve.   

 

Find out more about us here  

Responsibilities

• Develop, maintain, and enhance the security architecture strategy, principles, and pattern to address the emerging threats.• Manage and update the security baseline controls to define the security control requirements for the information systems and data.• Design and implement effective security solutions that are designed to secure the organisation's data and systems.• Provide specialist security advice and recommend approaches across teams and stakeholders.• Identify and evaluate the security tools and technology that are required for the agency.• Advise on important security-related technologies and assess the risk associated with proposed changes.   Additional Duties:• Contribute to cyber assurance maturity assessments, or other industry, private sector or local audit/compliance activities.• Support the development of business cases for investment to improve IT security controls.• Ensure the maintenance of security risks on organisational risk register.• Support the liaison with supply chain partners’ security managers to obtain assurance of their security controls.

Qualifications

No specific qualifications are required for this post. How To Apply

To apply for this post, you will need to provide the information requested below via the online application process.   A CV (no longer than two pages) setting out your career history, with key responsibilities and achievements - this is accessed through the candidate profile.   

In addition, please record your Personal Statement (no longer than 750 words). This should clearly demonstrate how your skills, qualities and experience meet the following essential criteria:

 

1. Broad and deep technical knowledge covering application, data, technology, and security domains in digital cloud (preferred AWS) services with associated experience in designing secure solutions using industry standard tools and techniques is required.2. Demonstrable experience and track-record of delivering successful IT security architecture frameworks, strategies, roadmaps, and solutions in support of organisational programmes and projects, including strong knowledge and working experience identifying and remediating common attack methods.3. Experience providing assurance of 3rd party security architecture designs ensuring adherence to agreed policies, standards, and design patterns and explaining clearly to a wide range of internal and external stakeholders (including senior officials, customers and suppliers) how the decision has been reached with the ability to understand and resolve security related disputes across varying levels of complexity and risk.4. Experience of implementing technical security controls in a variety of projects and organisations with strong knowledge of government and industry data/cyber security legislation, policy, patterns, standards (including but not limited to ISO27001, CSA STAR and NIS Directive).When considering how your experience relates to the role, please tailor your CV and personal statement to reflect the role and the essential skills/criteria as described in the job description. If we receive a large number of applications, we may complete an initial sift on the first essential criteria. Following the sift of applications there may be a telephone interview as part of the Assessment process, prior to interview.  If you are successful at sift stage you will be invited to an interview which will be held in person in either High Street, Glasgow or Agnes Husband House, Dundee. If you pass the sift but are not invited to the first round of interviews, you may be invited to a subsequent round. Any queries on this please contact gopal.pandurengan@socialsecurity.gov.scotWe aim to provide feedback on request, however; if we receive a large number of applications it may not be possible for us to provide feedback on your application if you are not invited to attend an interview/assessment. We will provide feedback on request to all candidates that attend an interview/assessment.DDaT Social Security Scotland - Further information - Security Architect Information SessionWe will be running an online information session on Friday 6th September at 10.30am. The session will cover: • About Social Security Scotland • The Security Architect role and Team • Our recruitment process. • Q&A with the hiring manager  Please feel free to join us using the link below to find out more about the role and working for Social Security Scotland.  Click here to join the meeting Interview/Assessment InformationHere are details of the Competencies required for this role, you will be tested against these competencies if you are invited to attend an interview and undertake a digital assessment: • Leading Others• Communications and Engagement• Improving Performance• Analysis and Use of Evidence• DDaT Technical Skill Assessment  Reserve ListIn the event that further posts are required, a reserve list of successful candidates will be kept for up to 9 months.  Recruitment ContactTo learn more about this opportunity, please contact Gopal Pandurengan at Gopal.Pandurengan@socialsecurity.gov.scot  Please note that we will not engage with external recruitment agencies for this post.   Further InformationThis post requires the successful candidate to clear additional National Security Vetting clearance “SC” before a start date can be offered. Further information regarding National Security Vetting clearance can be found here - United Kingdom Security Vetting: Applicant - GOV.UK (www.gov.uk) The successful candidate will be expected to remain in post for a minimum of 3 years unless successful in gaining promotion to a higher Band or Grade.Social Security Scotland are a Disability Confident Employer. We will consider and implement any reasonable adjustments you may require throughout the recruitment process and during the course of your employment, should you be successful in securing a post. If you feel you may require assistance with any part of our recruitment process, please contact us at Recruitment@socialsecurity.gov.scot.Social Security Scotland’s recruitment processes are underpinned by the recruitment principles of the Civil Service Commissioner, which outline that selection for appointment be made on merit on the basis of fair and open competition - Recruitment - Civil Service Commission (independent.gov.uk)     If you feel at any time your application has not been treated in accordance with the values in the Civil Service Code and/or if you feel the recruitment has been conducted in such a way that conflicts with the Civil Service Commissioner’s Recruitment Principles, you can make a complaint, by contacting Social Security Scotland at recruitment@socialsecurity.gov.scot in the first instance. If you are not satisfied with the response you receive you can contact the Civil Service Commissioner.  If you experience any difficulties accessing our website or completing the online application form, please contact the Resourcing Team via recruitment@socialsecurity.gov.scot     If you are interested in us contacting you about further available vacancies, please sign up to our mailing list to receive job alerts.