Security Assurance Architect - MOD DV - IR35 TBC

Security Assurance Architect - MOD DV - IR35 TBC

Posted Today by Sanderson Government & Defence

Apply
£800 Per day
Undetermined
Remote
Newbury, UK
Apply
Cloud Computing Cloud Services Cloud Technology Cyber Security Data Encryption Encryption Information Architecture Key Management Management Multi-Factor Authentication Pluggable Authentication Module (PAM) Risk Management Security Patterns Threat Modeling

Summary: The role of Cyber Security Architect/Assurance involves ensuring secure system architectures in alignment with MOD security standards for a defence sector programme. The position requires active MOD DV clearance and entails responsibilities such as threat modelling, security requirements documentation, and compliance activities. The role is flexible in terms of working arrangements, primarily remote, with a contract length of 3-6 months. The salary ranges from £600 to £800 per day, depending on experience and qualifications.

Key Responsibilities:

  • Assuring secure system architectures aligned to NCSC principles, JSP 440, JSP 604, and MOD security patterns.
  • Inputting into High-Level Designs (HLDs) and Low-Level Designs (LLDs) with explicit security controls.
  • Conducting threat modelling (STRIDE, attack trees, kill chain analysis).
  • Identifying and documenting security requirements for systems, networks, and cloud services.
  • Ensuring designs meet classification requirements.
  • Advising and assuring secure configuration baselines.
  • Designing identity, access, and privilege models (RBAC, Zero Trust, MFA, PAM).
  • Ensuring encryption, key management, and data-handling controls meet MOD standards.
  • Presenting designs and ensuring all designs are traceable to MOD security policies and risk appetite.
  • Conducting risk assessments using MOD-approved methodologies (e.g., NIST, ISO 27005).
  • Producing and maintaining Security Risk Assessments (SRAs) and Risk Treatment Plans (RTPs).
  • Identifying non-compliances and proposing compensating controls.
  • Supporting or leading the RMADS (Risk Management and Accreditation Document Set).
  • Working with the Accreditor, DAIS, or Security Assurance Coordinator (SAC).
  • Preparing evidence for Security Assurance Cases and IA artefacts.

Key Skills:

  • Active MOD DV clearance.
  • Experience in cyber security architecture and assurance.
  • Knowledge of NCSC principles, JSP 440, JSP 604, and MOD security patterns.
  • Proficiency in threat modelling techniques.
  • Experience with security requirements documentation.
  • Understanding of security controls and configuration baselines.
  • Familiarity with identity, access, and privilege models.
  • Knowledge of encryption, key management, and data-handling controls.
  • Experience in risk assessments and compliance activities.
  • Ability to prepare Security Assurance Cases and IA artefacts.

Salary (Rate): £800 daily

City: Newbury

Country: UK

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Cyber Security Architect/Assurance

  • Location(s): Remote, Bristol and Newbury
  • Type: Flexible, driven by work requirements
  • IR Status: TBC
  • Rate: £600 - £800
  • Clearance: Must have active MOD DV
  • Length: 3-6 months

Sanderson G&D are seeking an MOD DV Cleared Security Architect for an existing programme of work in the defence sector.

Role/Requirements

  • Assuring secure system architectures aligned to NCSC principles, JSP 440, JSP 604, and MOD security patterns.
  • Inputting into High-Level Designs (HLDs) and Low-Level Designs (LLDs) with explicit security controls.
  • Conducting threat modelling (STRIDE, attack trees, kill chain analysis).
  • Identifying and documenting security requirements for systems, networks, and cloud services.
  • Ensuring designs meet classification requirements
    • Security Controls & Patterns
      • Advising and assuring secure configuration baselines
      • Designing identity, access, and privilege models (RBAC, Zero Trust, MFA, PAM).
      • Ensuring encryption, key management, and data-handling controls meet MOD standards.
    • Design Governance
      • Presenting designs
      • Ensuring all designs are traceable to MOD security policies and risk appetite.
    • Assurance Activities (Compliance, Risk, Accreditation)
    • Risk & Compliance
      • Conduct risk assessments using MOD-approved methodologies (eg, NIST, ISO 27005).
      • Produce and maintain Security Risk Assessments (SRAs) and Risk Treatment Plans (RTPs).
      • Identify non-compliances and propose compensating controls.
    • Accreditation & Governance
      • Support or lead the RMADS (Risk Management and Accreditation Document Set).
      • Work with the Accreditor, DAIS, or Security Assurance Coordinator (SAC).
      • Prepare evidence for Security Assurance Cases and IA artefacts.

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Apply
Similar Jobs
Loading data...