Candidates: Create an Account or Sign In
Candidates: Create an Account or Sign In
Security Arcitect
Location: Bristol, UK
Clearance Required: Must be eligible for SC Clearance
Are you passionate about safeguarding advanced products and systems from ever-evolving security threats? We are seeking a highly skilled Security Architect to join our cutting-edge team in Bristol. In this role, you'll be instrumental in securing the software development lifecycle for complex systems within the defence and national security domain.
This position is critical to ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards-this is essential-as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1. If you're an experienced professional with strong capabilities in threat modelling, risk assessment, and secure systems architecture, we want to hear from you.
Role Responsibilities:
Integrate security controls throughout the product development lifecycle
Conduct detailed threat modelling and risk assessments using recognised tools
Lead the implementation of risk management strategies based on industry best practices (NIST, ISO)
Work closely with development teams to ensure secure-by-design principles are followed
Identify and propose mitigations for security vulnerabilities in solution architectures
Maintain and evolve internal security policies, documentation, and awareness training
Support incident response efforts and coordinate remediation actions where needed
Serve as a subject matter expert on product and application security to internal stakeholders
Key Requirements:
Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable
Working knowledge of DefStan 05-138 (Issue 3) and DefStan 05-139 (Issue 1) is essential
Proficiency in threat modelling methodologies and tools (e.g., STRIDE, DREAD, Attack Trees)
Familiarity with other standards such as ISO/IEC 27001, ISO 27005, OWASP, and MOD ISN 23/09
Ability to identify, assess and mitigate risks across software and hardware product ecosystems
Strong written and verbal communication skills, including the ability to convey risk to non-technical audiences
Ideal Candidate Traits:
Analytical thinker with strong problem-solving skills
Detail-oriented with excellent planning and organisational abilities
Resilient, proactive, and capable of driving initiatives forward independently
A team player with the ability to influence at all levels of the organisation
Eligible for SC clearance and able to work in the UK without restrictions
