Across government, cyber security is no longer confined to protective controls at the edge of systems; it is fundamental to how organisations design, build and operate secure digital services. As technology estates become increasingly complex and cloud adoption accelerates, the need to embed security from the outset—through consistent, architecture-led approaches—has never been more critical. At Ofgem, secure-by-design principles are central to ensuring that digital transformation is delivered safely, resiliently and in line with regulatory and national security expectations.
Ofgem plays a vital role in protecting energy consumers and enabling the UK’s transition to a more secure, fair and sustainable energy system. As the organisation continues to modernise its digital, data and technology capabilities, cyber security must be fully integrated into every layer of design and delivery. Within the Digital, Data and Security Services (DDSS) directorate, we are strengthening our enterprise security architecture capability, embedding robust secure design practices and aligning with cross-government and National Cyber Security Centre (NCSC) standards.
As Principal Security Architect, you will provide enterprise-wide leadership for secure design across Ofgem’s digital platforms, data systems and cloud environments. Sitting within Enterprise Architecture under the CTO, you will act as the senior authority on security architecture, ensuring that programmes, products and services adopt consistent, standards-based approaches to security from inception through to delivery.
This is a highly influential role with significant strategic impact. You will define and shape Ofgem’s secure design vision, principles and frameworks, while leading architectural assurance across complex, high-risk systems. You will operate at the intersection of technology, risk and business strategy—balancing innovation and delivery with strong governance, compliance and resilience.