Security Solution Architect

Job title: Security Solution Architect

Location: Hybrid (with travel to customer sites as required) - Initially Andover

Business unit: Central Government

Skills: Prior experience with defence projects, Solutions Architecture, Security, CISSP

Description:

We’re Civica and we make software that helps deliver critical services for citizens all around the world. From local government to central government, to education, to health and care, over 5,000 public bodies across the globe use our software to help provide critical services to over 100 million citizens.

Our aspiration is to be a GovTech champion everywhere we work around the globe, supporting the needs of citizens and those that serve them every day. Building on 21 years of continuous growth and success, we're at a pivotal point on our journey to realise that aspiration.

As a company, we’re passionate about what we do and the citizens we help to serve. If you too would like to help champion the use of technology in public services, to improve outcomes for citizens and public sector organisations, then Civica is the right place for you. We will help you unlock the best version of yourself, achieve growth in your career whilst making a real difference to people and communities.

Requirements

Role purpose:

As a member of the Central Government architecture capability, you design and deliver best-in-class solutions that meet the business and technical needs of our clients, ensuring technical and architectural integrity, and delivering to time, cost and quality criteria.

The role of the Security Solution Architect is to ensure that the critical services delivered to our clients are securely designed and delivered to the highest quality standards.  You will leverage expertise, experience and best-practices in secure design and development to minimise security risk.

Principal responsibilities

·       Lead the security architectures for major projects and programmes of work across the Central Government division.

·       Promote secure-by-design principles across Central Government division.

·       Use best-practice methods for identification and mitigation of security threats.

·       Provide advice, leadership and mentoring for technical teams, defining standards and practices for secure solution design and delivery.

·       Support identification of secure development training needs across internal teams.

·       Support scoping and remediation for IT Health Check (ITHC) and 3rd-party penetration testing exercises.

·       Work with customers and accreditors to identify security risk & requirements, advise on impact and to effectively assure resulting solution design and build.

·       Collaborate with colleagues across other disciplines to ensure consideration of security at all stages of the lifecycle.

·       Engage directly with clients on a consultative/pre-sales basis to develop pipeline of work.

·       Maintain visibility of the current security landscape, including awareness of latest vulnerabilities.  Understand and articulate the impact of vulnerabilities on solutions.

Essential competencies:

Previous experience working on government or defence projects and active SC clearance

Ability to articulate and present different points-of-views on various technologies from a software and solution security perspective

Highly customer focused, able to build trust and develop customer intimacy quickly

Solution-oriented with the imagination to identify innovative approaches to critical problems

Good interpersonal skills with the ability to guide, direct, motivate, and support staff

Effective time management and ability to respond to changing priorities and requirements

Experience of Secure Software Development Lifecycle processes and methodologies

Knowledge and experience of applying best practice for solution security (e.g., OWASP, NCSC cloud security principles)

Strong understanding and practical experience of performing security threat modelling and articulating risk profiles

Deep understanding of security concepts and demonstrated application to technical solutions

Knowledge and experience of applying best practice for handling personal data

Knowledge and experience of secure integration patterns and associated standards and technologies

Knowledge and experience of design and configuration of security tool chains as part of a DevSecOps approach

Relevant industry recognized Technical Qualifications (e.g. CISSP, CISM, Certified Ethical Hacker, Microsoft Cybersecurity Architect Expert, AWS Certified Security - Specialty)

Experience of working in secure customer environments

Experience of secure development using either Java or .NET and associated tools and frameworks

Experience of design of secure solutions based on the PaaS, SaaS, and IaaS capabilities of Microsoft Azure and/or Amazon Web Services

Knowledge and experience of securing container technologies such as Docker and Kubernetes

Knowledge and experience of Single Sign on and Authentication/Authorization technologies such as SAML, OAuth, OpenID Connect, Active Directory, ADFS and LDAP

Knowledge and experience of secure data architectures and associated patterns and technologies

Benefits

Life at Civica: Life at Civica is fun and flexible. We have the following benefits that make us – one of the top employers of choice and a great place to work.

Civica Foundation | Giving Culture: We encourage our people to take advantage of our Days of Difference initiative that makes a lasting impact in the community through goodness and charity.

Civica Culture | Work life balance and Blended working: Flexible working, less commuting and more time with friends and family gives a perfect work life balance to our people.

Learning and Development | Growth Opportunities: Civica has a unique 70:20:10 learning model, which supports your learning demands in an interesting, challenging & fun way!

Benefits

·         Employee Wellbeing: Being a people-first company, we have integrated health and wellbeing benefits for our members and their family. We have a team of Mental Health Champions working hard to change the stigma around Mental Health. We routinely run awareness workshops to ensure our colleagues better understand how Mental Health can impact your day-to-day life. We are available for support when you need it most and actively encourage our people to reach out to us.

·         Generous Leave Policy: Civica allows you to take time off from work with generous leave benefits.

·         Rewards and Recognition: We recognise and appreciate our colleagues for their contribution by monetary/non-monetary recognitions and rewards.

·         Tenure Milestone Recognition: We value and recognise the years of service of our people.

·         Employee-led Affinity Groups: Civica has different affinity groups in place, where people can share experiences and put forward their ideas, suggestions, and recommendations to make Civica an even more inclusive organisation for everyone. Our groups are for anyone who wants to support and ally with that community.

Civica Accolades:

·         ‘Investors in People’ – Gold: We prioritise the development of our colleagues to match their ambition.

·         Great Place to Work: We are dedicated to creating an outstanding employee experience.

·         Financial Times - Diversity Leader 2023: We’re committed to maintaining an inclusive and supportive culture.

·         Australian Business Awards – Employer of choice.

·         Top rated employer – Glassdoor: Our average length of service is 9 years.

·         Societal Impact: Our solutions impact positive societal change, supporting local Authorities, Schools, Police forces, the NHS and numerous Central Government offices.