We are currently recruiting across a wide variety of roles for new and existing programmes with our clients in the Aerospace, Defence and Security sectors. Through Agile Project Management, technical design and build, automated Testing with an emphasis on 'secure by design' delivery, we will utilise the newest technologies to deliver an interconnected on-premises technology solutions.

These roles require the successful applicants to undergo UK security vetting clearance (or a willingness to apply).

The Company:

Sopra Steria, European leader in digital transformation, provides one of the most comprehensive portfolios of end-to-end service offerings in the market: Consulting, Systems Integration, Software Development and Business Process Services. Sopra Steria is trusted by leading private and public organisations to deliver successful transformation programmes that address their most complex and critical business challenges.

Sopra Steria’s Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We champion a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK’s most complex safety- and security-critical markets.

The Opportunity:

The role involves advising on technical security aspects of customer-owned services that are considered, evaluated, or implemented by project and operational BAU teams. The role will author threat modelling, gap analysis, risk assessments, update existing and/or draft new security artefacts in support of the customer’s requirements. In addition, the role will act as a technical security assurance SME on all aspects of security accreditation, information assurance and information security.

NB: this is an operational delivery role for which UK Security vetting is required.

Specific responsibilities include:

• Collaborate with customer stakeholders to deliver solutions that meet the business need, client contractual requirements, and which are compliant with the Enterprise Security Architecture principles.
• Understand the business and information risk context and propose architectures and countermeasures to mitigate security risks.
• Using threat modelling to provide risk or threat-based advice along with actionable mitigation recommendations.
• Analyse existing and proposed technical architecture for security risk, applying secure architecture principles and practices to assure technical architectures.
• Produce security architecture designs and conceptual architecture documentation, with specific focus on security and information assurance.
• Support the security lead in the wider operational delivery including advocating a strong security culture and training to new joiners.
• Work with internal design authorities and change management team to ensure all changes are reviewed, supported, and implemented IAW local ways of working.
• Manage the scope of security testing working closely with the operational security team.
• Superb communication, verbal, and written skills.
• Motivated self-starter, confident at engaging with internal and client stakeholders
• Able to manage multiple workstreams and prioritise where required.

We embrace difference as a source of creativity, innovation and competitive advantage and welcome applications from people with a diverse variety of backgrounds and identities. We are committed to equality of opportunity for all and do not discriminate on the basis of race, religion, colour, gender, age, disability, sexual orientation or marital status

If you require any adjustments to the recruitment process, to enable you to perform to the best of your ability, please let us know when completing your application.

Essential Skills:

• Security Architecture
• Secure Architecture
• Vulnerabilities
• Risk Management
• Strong technical awareness 
• Demonstrable understanding of implementing security architecture framework principles (e.g., NCSC, NIST, OWASP, SABSA, TOGAF) ideally in a cloud environment.

Desirable Skills:

• Experience of the Government sector

If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply, we’d love to hear from you!

Employment Type: Full-time
Location: Cheltenham
Security Clearance Level: Ideally have DV – we will consider candidates who do not currently hold this clearance
Internal Recruiter: Josh Huggins-Smith
Salary: £50,000 to £55,000
Benefits: 25 days annual leave with the option to buy additional days, life assurance, pension, and generous flexible benefits fund