Job Description:
DXC Technology is committed to building diverse, inclusive teams. We welcome applications from all backgrounds and particularly encourage interest from women, underrepresented groups, and neurodivergent candidates. We offer reasonable adjustments throughout the hiring process and are dedicated to creating a supportive, accessible environment for everyone.
Security Architect
Location: Farnborough (onsite 5 days per week)
Security Clearance: Due to the secure nature of the work and our customer requirement, candidate are required to hold DV clearance
The Security Architect designs and implements comprehensive security architectures protecting defence and aerospace IT environments. You will develop enterprise security strategies, lead security programme implementations, architect integrated defence-in-depth solutions, and ensure compliance with stringent MOD security requirements. This role demands exceptional expertise in security architecture, risk management and defence security standards.
Security Strategy & Architecture
- Design holistic security architectures incorporating people, process and technology security.
- Develop enterprise-wide security strategies aligned with MOD Classification Guides and Defence Security Policy.
- Architect defence-in-depth security solutions across network, application, data and endpoint layers.
- Lead security architecture reviews and technical security assessments.
- Design zero-trust security models and continuous verification frameworks.
Cyber Threat & Risk Management
- Assess cyber threat landscape and design threat-informed security architectures.
- Lead security risk assessments and vulnerability management programmes.
- Design incident response, threat intelligence and cyber defence capabilities.
- Architect security monitoring, detection and response solutions.
- Design business continuity and cyber resilience frameworks.
Compliance & Standards Implementation
- Ensure security architectures comply with MOD security requirements and ITAR regulations.
- Design security solutions supporting Information Security Management System (ISMS) compliance.
- Architect compliance and audit capabilities for regulatory reporting.
- Lead security standards implementation and controls frameworks.
Security Solutions & Integration
- Architect endpoint protection, data loss prevention (DLP) and advanced threat protection solutions.
- Design cloud security architectures supporting hybrid and multi-cloud environments.
- Architect application security, API security and secure SDLC integration.
- Design security operations centre (SOC) capabilities and security information and event management (SIEM).
- Lead security technology evaluation and implementation programmes.
Technical Leadership & Governance
- Lead security technical teams and provide architectural mentoring.
- Establish security design standards, architecture patterns and operational governance.
- Drive technical decision-making through security design reviews.
- Document security architecture decisions and design specifications.
Customer & Stakeholder Engagement
- Serve as technical authority for security architecture discussions with customer leadership.
- Present security recommendations to defence programme teams and executive stakeholders.
- Lead security architecture workshops and customer engagement activities
What You’ll Bring
- Previous background in information security within a architectural role.
- Proven experience designing enterprise-scale security architectures.
- Strong background in defence, aerospace or government security programmes.
- Demonstrated expertise with security operations, incident response and threat management.
- Track record of leading security transformation and programme implementations.
- Deep expertise in security architecture frameworks, methodologies and best practices.
- Expert-level knowledge of network security, endpoint security and application security.
- Strong understanding of threat models, attack vectors and defence-in-depth strategies.
- Proficiency in cloud security (AWS, Azure security, or equivalent).
- Knowledge of security tools (SIEM, DLP, EDR, WAF, firewalls, etc.).
- Understanding of cryptography, encryption and security protocols.
- Familiarity with MOD security requirements, Classification Guides and defence standards.
- Knowledge of compliance frameworks (ISO 27001, NIST CSF, etc.).
Personal Attributes
- Exceptional strategic thinking combined with strong technical depth.
- Outstanding communication and stakeholder engagement skills.
- Strong problem-solving and analytical capabilities.
- Proven ability to lead technical teams and influence executive stakeholders.
- Passion for security excellence and continuous improvement.
At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf.