Job Description:
Location: Farnborough, Hampshire, UK
Employment Type: Permanent, Full-Time
Security Clearance: Developed Vetting (DV) - Essential
Salary: Highly competitive, commensurate with experience
DXC Technology is a Fortune 500 global company with over 40 years' presence in the UK, recently establishing its Aerospace and Defence Hub in Farnborough. We deliver enterprise security solutions protecting critical defence and aerospace operations from evolving cyber threats.
The Security Architect designs and implements comprehensive security architectures protecting defence and aerospace IT environments. You will develop enterprise security strategies, lead security programme implementations, architect integrated defence-in-depth solutions, and ensure compliance with stringent MOD security requirements. This role demands exceptional expertise in security architecture, risk management and defence security standards.
Security Strategy & Architecture
- Design holistic security architectures incorporating people, process and technology security
- Develop enterprise-wide security strategies aligned with MOD Classification Guides and Defence Security Policy
- Architect defence-in-depth security solutions across network, application, data and endpoint layers
- Lead security architecture reviews and technical security assessments
- Design zero-trust security models and continuous verification frameworks
Cyber Threat & Risk Management
- Assess cyber threat landscape and design threat-informed security architectures
- Lead security risk assessments and vulnerability management programmes
- Design incident response, threat intelligence and cyber defence capabilities
- Architect security monitoring, detection and response solutions
- Design business continuity and cyber resilience frameworks
Compliance & Standards Implementation
- Ensure security architectures comply with MOD security requirements and ITAR regulations
- Design security solutions supporting Information Security Management System (ISMS) compliance
- Architect compliance and audit capabilities for regulatory reporting
- Lead security standards implementation and controls frameworks
Security Solutions & Integration
- Architect endpoint protection, data loss prevention (DLP) and advanced threat protection solutions
- Design cloud security architectures supporting hybrid and multi-cloud environments
- Architect application security, API security and secure SDLC integration
- Design security operations centre (SOC) capabilities and security information and event management (SIEM)
- Lead security technology evaluation and implementation programmes
Technical Leadership & Governance
- Lead security technical teams and provide architectural mentoring
- Establish security design standards, architecture patterns and operational governance
- Drive technical decision-making through security design reviews
- Document security architecture decisions and design specifications
Customer & Stakeholder Engagement
- Serve as technical authority for security architecture discussions with customer leadership
- Present security recommendations to defence programme teams and executive stakeholders
- Lead security architecture workshops and customer engagement activities
- Communicate complex security concepts to technical and non-technical audiences
Security Clearance
- Must hold or be eligible to obtain DV clearance - Essential
- 10 years continuous UK residency required
Experience & Expertise
- Minimum 12 years' information security experience with 5+ years in architecture role
- Proven experience designing enterprise-scale security architectures
- Strong background in defence, aerospace or government security programmes
- Demonstrated expertise with security operations, incident response and threat management
- Track record of leading security transformation and programme implementations
Technical Knowledge
- Deep expertise in security architecture frameworks, methodologies and best practices
- Expert-level knowledge of network security, endpoint security and application security
- Strong understanding of threat models, attack vectors and defence-in-depth strategies
- Proficiency in cloud security (AWS, Azure security, or equivalent)
- Knowledge of security tools (SIEM, DLP, EDR, WAF, firewalls, etc.)
- Understanding of cryptography, encryption and security protocols
- Familiarity with MOD security requirements, Classification Guides and defence standards
- Knowledge of compliance frameworks (ISO 27001, NIST CSF, etc.)
Personal Attributes
- Exceptional strategic thinking combined with strong technical depth
- Outstanding communication and stakeholder engagement skills
- Strong problem-solving and analytical capabilities
- Proven ability to lead technical teams and influence executive stakeholders
- Passion for security excellence and continuous improvement
- Previous DV or SC clearance
- Experience with defence or aerospace security programmes
- CISSP, CISM, CCSK or equivalent security certifications
- AWS Security or Azure Security certifications
- Experience with security governance and compliance frameworks
- Knowledge of ITAR compliance and export controls
- Armed Forces or military security background
- Highly competitive salary and comprehensive benefits package
- Enhanced pension and private medical insurance
- Flexible working and professional development support
- Opportunity to architect security for mission-critical defence organisations
At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf.