1. Home
  2. Jobs

Details:

Location:

Kew, Richmond

Category:

Security
Senior management
Digital

Salary:

£60,000 - £64,500

Contract type:

Contract Permanent

Hours:

Full time

Telephone:

02083925313

Lead Cloud Security Engineer

The National Archives is the official archive and publisher for the UK Government, and for England and Wales. We hold over 1,000 years of iconic national documents – from Domesday Book to digital files from contemporary government. Our mission is to collect, preserve, and make accessible the record of the state, helping citizens understand their past and governments make informed decisions for the future.

Our digital services support preservation and access at scale – and securing our systems means protecting history itself. We are seeking cyber professionals with hands-on technical skills and a passion for protecting data and infrastructure that underpins national memory. Join us and be part of a unique, purposeful mission.

As the Lead Cloud Security Engineer, you will lead TNA wide initiatives to protect digital assets, data and cloud infrastructure from ever evolving threats. The role demands deep technical expertise, leadership in secure by design implementation and architecture governance, and the ability to influence decisions across departments and external suppliers. You will be accountable for the design, implementation and continuous improvement of multi cloud security frameworks (AWS, Azure and other environments), aligned with government standards and resilient to emerging risks. Your work protects critical information from malicious attacks, accidental loss and unauthorised access.

Reporting to the IT Security & Information Assurance Manager, you will own the “how” of secure cloud delivery across TNA—translating policy objectives into actionable technical standards, guardrails and patterns, and making the implementation decisions that ensure they are adopted effectively.

You will Chair a virtual Technical Design Authority (TDA) to embed secure by design practices across AWS, Azure and other cloud environments, define technical standards and roadmaps to reflect the desired cyber security posture and remain hands on—engineering solutions, codifying controls and leading complex investigations. Through the TDA you hold decision rights to set guardrails and approve exceptions across directorates, combining technical authority, governance leadership and practical delivery to keep TNA’s systems secure, compliant and cost efficient.

As Lead Cloud Security Engineer, you will spearhead strategic decision-making and shape the overall security posture of our cloud infrastructure. You’ll collaborate closely with cross-functional teams across The National Archives to define security architecture, evaluate emerging technologies, and establish work practices and technologies that align with business objectives and regulatory requirements. Leveraging deep expertise in cloud platforms and threat landscapes, you’ll guide the selection and implementation of security controls, drive risk assessments, and lead incident response planning. Your leadership will ensure that security is embedded into every stage of cloud adoption and operations, fostering a culture of proactive defence and continuous improvement.

This is a full time post. However, requests for part-time working, flexible working and job share will be considered, taking into account at all times the operational needs of the Department. A combination of onsite and home working is available and applicants should be able to regularly travel to our Kew site for a minimum of 60% of their work time.

Essential criteria:

- Significant expert knowledge of cloud security in either AWS or Azure, with proven experience leading cross organisation security initiatives.

- Demonstrable experience in architecture governance (guardrails, patterns, exceptions) and standardising threat modelling.

- Strong hands on engineering skills: IaC, CI/CD security, IAM hardening, CSPM tuning, incident response.

- Ability to drive cost efficiencies and make evidence based recommendations.

- Technical expertise in the following tech stack; AWS, Azure, Microsoft 365, GitHub, Kubernetes, Terraform, Linux, JAMF, Sentinel and Defender for Endpoint

- Experienced in excellent communication and able to influence up to senior leadership being able to deliver complex technical concepts and summarise complicated events to senior stakeholders up to and including board level

SC clearance/willingness to obtain SC clearance will be required for this role. This requires candidates to have been resident in the UK for at least the past three years. Please do not apply if you have been resident in the UK for less than three years as your application will be rejected.

For more information and to apply please follow the link at the bottom of the page.

Museum Website: https://nationalarchives.wd3.myworkdayjobs.com/en-US/Careers/details/Lead-Cloud-Security-Engineer_JR200742