National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Principal Security Architect

Vercida
Greater London
1 week ago
Create job alert

Length of employment:

Job Summary:At the forefront of the fight to protect energy consumers, Ofgem is strengthening its internal defences - because safeguarding our systems against cyber threats is vital to delivering our mission. We're looking for a Principal Cyber Security Architect to join us and lead the charge in shaping secure, resilient digital systems at the heart of our organisation.

Ofgem is Great Britain's independent energy regulator. Our primary responsibility is to protect energy consumers, especially the most vulnerable, while at the same time working with government, industry and consumer groups to deliver a clean, more affordable and secure net-zero energy system at the lowest cost to consumers and drive economic growth..

We're offering a permanent role where you'll apply your security architecture expertise to projects with strategic impact, influencing decisions at the highest level. This is an opportunity to make a tangible difference by helping us transform our technology landscape while reducing cyber risk across the organisation. Your work will ensure we stay secure by design, resilient by default, and consistently prepared for evolving threats.

You'll work at the heart of a multidisciplinary team, collaborating with internal stakeholders and leading national security partners to embed robust security into every stage of the digital lifecycle. As a recognised expert, you'll play a central role in building long-term cyber strategies and providing guidance that sets standards across our organisation and the wider energy ecosystem.

We're looking for someone with a deep understanding of security architecture and a proven track record of influencing complex programmes and senior leaders. Your approach to solving challenges will be methodical and strategic, and you'll be comfortable operating in fast-paced, high-stakes environments where your guidance truly matters.

In return, you'll join a collaborative and inclusive culture that values innovation and supports development. You'll benefit from flexible working arrangements, excellent civil service benefits, and the opportunity to be part of a high-profile mission that impacts millions of people and the UK's energy future.

We have a critical purpose to lead the development of secure digital systems and architecture within our organisation, combating cyber threats and strengthening resilience across the UK's energy landscape through trusted design, strategic leadership, and expert guidance.

Job Description:
Key Responsibilities:

Lead projects with high strategic impact, setting a strategy that can be used in the long term and across the whole organisation.

  • Ensure the CTO function and teams have a constantly updated repository of best practice resources available to reduce cyber risk whilst transforming towards Secure By Design
  • Review and assess threats affecting the market, based on effective partnerships with the Security, Intelligence and Law Enforcement Agencies, other Regulators and energy sector partners.
  • Leverage a variety of sources to continuously maintain Ofgem Cyber Reference Architecture with principles, requirements, patterns, anti-patterns, implementation, engineering and operational maintenance options.
  • Influence key organisational and architectural decisions, and interact with senior stakeholders across organisations to reach and influence a wide range of people across larger teams and communities.

To support the team deliverables, that utilise your expertise to ensure successful outcomes across team members and collaborating teams

  • Provide clear and transparent work objectives, milestones and success metrics in your area of expertise to oversee and co-ordinate successful team outcomes.
  • Collaborate closely with other teams to manage interdependencies, risks and resourcing to support portfolio delivery.
  • Where required, be jointly responsible with the PDL on welfare and pastoral care of all colleagues.
  • Demonstrate effective diversity and inclusive team management within their team and the wider organisation.

Key Outputs and Deliverables

  • Use applied security expertise to develop and maintain solutions that align with Ofgem Cyber guidance, to support the improvement of cyber resilience for the organisation.
  • Use applied security expertise to identify key programme and technical risks, leading the design of mitigating security architectures.
  • Create and clearly communicate security expectations to industry, providing expert guidance to operators on interpreting such statements into meaningful and appropriate security requirements.
  • Document expert cyber architecture design reviews of operator system architectures to identify security weaknesses and recommend mitigations.
  • Identify and Document Cyber Risks within the Secure By Design lifecycle.
  • Provide expert advice on security architecture implications of technological trends when applied to existing systems how innovative technologies change the security approach required.
  • Effectively communicate difficult risk and security concepts in accessible ways that can be clearly understood by business leaders. Contribute to and develops risk communication strategies.
  • Attend, lead and provide expert input to Specialist Interest Groups to share security best practice across the sector.
  • Follow a methodical and repeatable approach to reviewing the security of a system architecture and describe that approach.
  • Contributes to new and innovative security architecture guidance for others to re-use.



Ofgem can offer you a comprehensive and competitive benefits package which includes; 30 days annual leave after 2 years; Excellent training and development opportunities; The opportunity to join the generous Civil Service pension which also includes a valuable range of benefits; Hybrid working, flexible working hours and family friendly policies. Plus lots of other benefits including clean and bright offices based centrally, engaged networks and teams and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.

Role Criteria

Essential:

  • Expertise in security architecture and applied security capability. (LEAD)
  • Certified to one, more or equivalent: CISSP, GICSP, GRID, SABSA, TOGAF. (LEAD)
  • Practitioner in information risk assessment and risk management.
  • Experience of working in Cyber Security within Critical National Infrastructure.
  • Extensive experience working collaboratively with diverse colleagues.
  • Have experience in the process of developing and managing a range of options and decisions that aligns with your organisation's priorities.
  • Develops, plans and delivers work outcomes, including clear and transparent work objectives, milestones and success metrics.
  • Able to achieve and maintain SC clearance.


Desirable:

  • Experience of working in Energy Sector



When you press the 'Apply now' button, you will be asked to complete personal details (not seen by the sift panel), and upload a copy of your CV anonymising all details where necessary.

You will then be asked to provide a 1250 word 'personal statement' evidencing how you meet the essential and desirable skills and capabilities listed in the role profile. Please ensure you demonstrate clearly, within your supporting statement, how you meet each of the essential and desirable skills and capabilities.

The Civil Service values honesty and integrity and expect all candidates to abide by these principles. Ofgem take any incidences of cheating very seriously. Please ensure all examples provided are of your own experience. Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant applications will be withdrawn from the process.

Related Jobs

View all jobs

Principal Security Architect

Principal Security Architect - Sentinel, Defender, Purview

Principal Security Architect

Principal Security Architect

Principal Security Architect

Principal Security Engineer (Vulnerability Management)

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

How to Present Cyber Security Solutions to Non-Technical Audiences: A Public Speaking Guide for Job Seekers

Cyber security is no longer just an IT issue—it’s a board-level priority. Whether you’re applying for a role in penetration testing, security operations, risk management, or compliance, your ability to clearly explain cyber threats and solutions to non-technical stakeholders is vital. This guide will help cyber security job seekers develop one of the most in-demand soft skills in the industry: public speaking. You’ll learn how to simplify complex concepts, structure effective presentations, use storytelling and analogies, and handle common stakeholder questions with confidence.

Cyber Security Jobs Employer Hotlist 2025: 50 UK Companies Actively Hiring Right Now

Bookmark this guide—refreshed every quarter—so you always know who’s really expanding their cyber security teams. Ransomware payouts broke records in 2024, the UK’s new Cyber Security Bill imposed mandatory breach disclosure, and the National Cyber Force’s move to Samlesbury has super‑charged the northern skills market. Result? Demand for security architects, SOC analysts, penetration testers, cloud‑security engineers, threat hunters & GRC specialists is at an all‑time high in 2025. Below you’ll find 50 organisations that have posted UK‑based cyber security vacancies or announced head‑count growth during the past eight weeks. They’re organised into five quick‑scan categories. For every employer you’ll see: Main UK hub Example live or recent vacancy Why it’s worth a look (tech stack, culture, mission) Search any company on CyberSecurityJobs.tech to view current ads, or set a free alert so fresh openings land straight in your inbox.

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.