Job Description

To provide deep specialist security architecture expertise in one of the three domains (Enterprise, Security, or Operational Technology), contributing to the development, assurance, and implementation of the organisation’s Security Architectural Framework. Senior Architects lead the design of secure systems and platforms, working collaboratively across multi-disciplinary teams to embed secure-by-design principles and ensure alignment to security strategies and standards. These roles are pivotal in translating security policy into technical design.

Job Context & Challenges:
The Security Architecture function is a newly established team, formed to strengthen our approach to cyber resilience across a complex, regulated, and high-stakes nuclear environment. The team operates at the intersection of legacy and emerging technologies, balancing technical rigour, regulatory compliance, and delivery pace in equal measure.

Security Architects must navigate a constantly evolving threat landscape, embedding resilience into design thinking while making pragmatic trade-offs under delivery and operational constraints. They play a critical role in enabling secure outcomes through deep technical expertise, cross function collaboration, and maintaining domain ownership across enterprise, security, and operational technology areas.

This team ensures that security is not only an overlay, but a foundational design principle—integrating best practice, informed by current risks, and aligned to regulatory expectations, including the Cyber Assessment Framework (CAF), particularly Objective B.

Principal Accountabilities

• Act as the domain lead architect within their area (Enterprise, Security, or OT), accountable for design integrity and secure-by-design practices.
• Translate business and risk requirements into secure architectural designs across IT and OT systems.
• Develop security architecture artefacts (e.g. threat models, design patterns, blueprints) in alignment with strategic frameworks and regulatory expectations.
• Support and guide projects through architecture governance and risk assessment.
• Provide technical leadership to less experienced architects and engineers, supporting career development and capability uplift.
• Collaborate across architecture, cyber, and delivery functions to ensure architectural alignment and risk mitigation.
• Perform security assurance activities including design reviews and architecture assessments for new and evolving solutions.
• Influence key design and investment decisions by providing expert-level risk insight and solution options to stakeholders.
• Contribute to the evolution of the Security Architecture Framework, providing insight into domain-specific trends, vulnerabilities, and technologies.
• Maintain current knowledge of cyber threats and security technologies within the relevant domain.

Authorities & Dimensions:
• Direct line management responsibilities at Level I and both levels I&II expected to coach and guide less experienced team members.
• Expected to act as domain SME in technical design and governance forums.
• Operates with significant autonomy on security architecture matters within their domain.
• Represents the architecture team in strategic projects and stakeholder engagements.
• Expected to contribute to the development of policy and standards relevant to their domain.

Knowledge & Experience

Essential Skills

• Proven track record in security architecture or secure systems engineering within complex IT or OT environments.
• Expert knowledge of cyber risk principles and security controls relevant to the chosen pillar.
• Ability to create and articulate technical security designs for diverse stakeholders.
• Experienced in delivering secure by design within a regulated environment (ideally nuclear, critical national infrastructure, or defence).
• Strong understanding of threat modelling, secure architectures, and assurance processes.
• Educated to degree level or equivalent experience in computer science, engineering, or cyber security.
• Strong working knowledge of architecture frameworks (e.g. TOGAF, SABSA, or equivalent).

Desirable Skills

• Industry-recognised security certifications (e.g. CISSP, CISM, SABSA, TOGAF).
• Knowledge of the Nuclear Industries Security Regulations (NISR) and/or CAF Objective B.
• Familiarity with cloud-native security architecture (e.g. Microsoft Azure, M365 security stack).
• Experience working in safety critical or industrial control environments.
• Active membership of CIISec, BCS, or a relevant professional body.
• Experience delivering secure solutions across the systems development lifecycle.

Additional Information

• Open VN
• Number of Vacancies: 1
• Contact/s: Mike Grice

The interviews for this vacancy are expected to start 17th November onwards.

ASW’s may have the right to apply for internal Sellafield Ltd vacancies. Please note if you are an Agency Supplied Worker you are required to attach evidence of all qualifications obtained to support your application. We require a minimum of A*-C GCSE in English, Maths & Science/IT or equivalent / higher qualification.

If you choose to apply for this role and your application is shortlisted by the hiring manager, you will be invited to a competency based interview. In the interview, you will be assessed against the below competencies:

Behavioural:
1. Team Leadership
2. Effective Communication
3. Drive for results

Technical:
1. Technical knowledge of Sellafield Ltd- 313.1
2. Information Security 314.6
3. IT Security 314.7
4. Information Technology Technical Expertise – 38.3

Please see link to the competency framework for further information:
https://slportal.ssa-intra.net/pub/SC001/00027/Competency%20Framework/Forms/AllItems.aspx

If your technical competency is not in the above framework, please refer to the profession’s share point page for further information.

Sellafield Ltd are recognised as a Disability Confident Employer (Level 3). Disability Confident employers offer an interview to disabled applicants that meet the minimum criteria for a vacancy. Sellafield Ltd define the minimum criteria as the ‘essential skills’ which are listed on the vacancy notice. Whilst completing your application form, you will be able to indicate if you wish to be considered under the disability confident scheme. If you would prefer to discuss this directly with us, please contact the GBS Recruitment team on recruitment@sellafieldcloud.co.uk.

Please ensure that you save a copy of this advert for future reference if you make an application for this role.