Security architect
Find out what a security architect in government does and the skills you need to do the role at each level.
Last updated 30 November 2024 — See all updates
Contents
- — What a security architect does
- — Security architect role levels
- — Roles that share security architect skills
- — Senior Civil Service roles that security architect could lead to
What a security architect does
A security architect designs and builds secure solutions.
Security architect role levels
There are 3 security architect role levels, from security architect to principal security architect.
The typical responsibilities and skills for each role level are described in the sections below. You can use this to identify the skills you need to progress in your career, or simply to learn more about each role in the Government Digital and Data profession.
1. Security architect
A security architect creates and designs security for a system or service, maintains security documentation and develops architecture patterns and security approaches to new technologies.
At this role level, you will:
- recommend security controls and identify solutions that support a business objective
- provide specialist advice and recommend approaches across teams and various stakeholders
- communicate widely with other stakeholders
- advise on important security-related technologies and assess the risk associated with proposed changes
- inspire and influence others to execute security principles
- help review other people’s work
This role level is often performed at the Civil Service job grade of:
- HEO (Higher Executive Officer)
- SEO (Senior Executive Officer)
Skill | Description |
---|---|
Level: working Working is the second of 4 ascending skill levels |
You can:
|
Communication (security architect) Level: practitioner Practitioner is the third of 4 ascending skill levels |
You can:
|
Level: working Working is the second of 4 ascending skill levels |
You can:
|
Enabling and informing risk-based decisions Level: working Working is the second of 4 ascending skill levels |
You can:
|
Level: working Working is the second of 4 ascending skill levels |
You can:
|
Level: working Working is the second of 4 ascending skill levels |
You can:
|
Understanding security implications of transformation Level: working Working is the second of 4 ascending skill levels |
You can:
|
2. Lead security architect
A lead security architect undertakes complex work of a high risk level, often working on several projects.
At this role level, you will:
- interact with senior stakeholders across departments
- reach and influence a wide range of people across larger teams and communities
- research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions
- develop vision, principles and strategy for security architects for one project or technology
- work out subtle security needs
- understand the impact of decisions, balancing requirements and deciding between approaches
- produce particular patterns and support quality assurance
- be the point of escalation for architects in lower grade roles
- lead the technical design of systems and services
This role level is often performed at the Civil Service job grade of:
- G7 (Grade 7)
- G6 (Grade 6)
Skill | Description |
---|---|
Level: practitioner Practitioner is the third of 4 ascending skill levels |
You can:
|
Communication (security architect) Level: practitioner Practitioner is the third of 4 ascending skill levels |
You can:
|
Level: practitioner Practitioner is the third of 4 ascending skill levels |
You can:
|
Level: practitioner Practitioner is the third of 4 ascending skill levels |
You can:
|
Level: expert Expert is the fourth of 4 ascending skill levels |
You can:
|
Understanding security implications of transformation Level: practitioner Practitioner is the third of 4 ascending skill levels |
You can:
|
3. Principal security architect
A principal security architect works on services of high complexity and risk, making decisions to enable the business to achieve its needs.
At this role level, you will:
- work on projects with high strategic impact, setting a strategy that can be used in the long term and across the breadth of the organisation
- communicate with a broad range of senior stakeholders and be responsible for defining the vision, principles and strategy for security architects
- recommend security design across several projects or technologies, up to an organisational or inter-organisational level
- have a deep and evolving level of technical expertise, so you can act as an exemplar
- make and influence important business and architectural decisions
- research, identify, validate and adopt new technologies and methodologies
- be a recognised expert and demonstrate this expertise by solving unprecedented issues and problems
- further the profession, demonstrating and sharing best practice within and outside the organisation
This role level is often performed at the Civil Service job grade of:
- G6 (Grade 6)
Skill | Description |
---|---|
Level: expert Expert is the fourth of 4 ascending skill levels |
You can:
|
Communication (security architect) Level: expert Expert is the fourth of 4 ascending skill levels |
You can:
|
Level: expert Expert is the fourth of 4 ascending skill levels |
|
Enabling and informing risk-based decisions Level: expert Expert is the fourth of 4 ascending skill levels |
You can:
|
Level: practitioner Practitioner is the third of 4 ascending skill levels |
You can:
|
Level: expert Expert is the fourth of 4 ascending skill levels |
You can:
|
Understanding security implications of transformation Level: expert Expert is the fourth of 4 ascending skill levels |
You can:
|
Roles that share security architect skills
Role | Shared skills |
---|---|
Data governance manager |
Senior Civil Service roles that security architect could lead to
Updates
Published 7 January 2020
Last updated 30 November 2024
30 November 2024
- The skill 'security technology' has been updated. The level descriptions were edited to improve clarity and to better meet the definitions for each level.
31 May 2024
- The indicative job grades for the 'lead security architect' role level have been updated from 'SEO and G7' to 'G7 and G6'. This change is based on the latest data on the most common grades for these role levels across government.
31 July 2023
- Security architect was moved to the new architecture role group.
30 August 2022
- The ‘specific security technology and understanding’ skill has been renamed ‘security technology’ to ensure consistency across the DDaT Profession Capability Framework.
7 January 2020
- First published.