JOB SUMMARY

Do you want to help shape the future of secure digital public services in Scotland?
The Scottish Government’s digital strategy, A Changing Nation: How Scotland Will Thrive in a Digital World, sets out specific actions for transforming government, aligned to the National Performance Framework. Of most relevance to this role is the aim to build a suite of common platforms to be adopted across the public sector.
This role sits within the Digital Components & Infrastructure Division, part of the Scottish Government’s Digital Directorate. The division brings together three key programmes Digital Identity, SG Payments, and the SG Cloud Platform—focused on achieving this strategic outcome. All three are aligned with the 2021 Digital Strategy’s commitment to developing common platforms and component technologies to improve efficiency in the delivery of public services across Scotland’s public sector.
As a divisional role, this post will initially be part of a multi-disciplinary SG Cloud Platform Service team working to transform how the Scottish Government facilitates cloud hosting across the Scottish public sector and the Digital Identity team providing people with a secure and simple way to access public services online.
Both services are central to the wider common platforms’ objective outlined in the Digital Strategy. They play a key role in ensuring that valuable public services are delivered securely, efficiently, and accessibly.
In addition to supporting the development and operation of these platforms, as Lead Security Architect you will contribute to the wider division’s efforts and help promote the adoption of common platforms across the Scottish public sector. Working at scale and with a wide variety of public service users, our work is technically complex, varied, and rewarding—offering a real sense of pride in making a positive, tangible difference in people’s lives.

JOB DESCRIPTION

• Lead the SG Cloud Platform Service and other platforms within the division security architecture (including SABSA and NIST CSF).
• Own and maintain security vision, strategy, and baseline standards.
• Evaluate security risks and lead architectural decisions balancing business needs.
• Act as the escalation point for all security architecture matters.
• Support secure practices and toolchains.
• Influence stakeholders and advise on security across the division.
• Contribute to service decision making forums, design authorities and cross-government security communities.
• Support assurance processes and digital service assessments.
• May line manage Security Architects, Engineers, and/or Analysts.

EXPERIENCE:

• Lead Criteria 1: Understand security implications of digital transformation; challenge and lead changes to policy and processes to support business outcomes, business architecture, and legal and political implications with associated experience in designing secure solutions using industry standard tools and techniques.
• Lead Criteria 2: Demonstrate a deep understanding of security concepts and can apply them to a technical level and effectively translate and accurately communicate security and risk implications to technical and non-technical stakeholders.
• Experience of both assuring 3rd party architecture designs ensuring adherence to agreed policies, standards, and design patterns and also assuring project outputs against agreed architectural design.
• Experience of implementing technical security controls and standards in a variety of modern cloud applications using autonomic infrastructure including Amazon Web Services and/or Azure environments. Standards should ideally include ISO 27001, NCSC CAF, OWASP ASVS and CIS Benchmark.

TECHNICAL SKILLS:

This role is aligned to the Security Architect within the Cyber Security and Information Assurance job family.
You can find out more about the skills required, here.
These skills are assessed by technical assessment, designed to represent the role. Candidates reaching this stage will receive a Technical Assessment Candidate Pack which outlines the specific skills to be assessed, plus the method of assessment.

NATIONALITY REQUIREMENTS

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Digital