Job Description

Details

-----------

Reference number

437041

Salary

47,254 - 56,632
Please note, the starting salary will normally be offered at the minimum of the band.
A Civil Service Pension with an employer contribution of 28.97%
GBP

Job grade

Senior Executive Officer
Management Band 1

Contract type

Permanent

Business area

WP - ICT

Type of role

Information Technology

Working pattern

Full-time

Number of jobs available

1

Contents

------------

Location About the job Benefits Things you need to know Apply and further information

Location

------------


Senedd, T? Hywel, Cardiff Bay




This role will be agile, with a mixture of office and home working. You will be provided with the support and equipment you'll need to work from home. There will be a requirement to attend the office in Ty Hywel, Cardiff Bay to suit business needs. It is anticipated that this role will involve two days of on-site working per week.

About the job

-----------------

Job summary

This is a strategic leadership role requiring deep technical expertise in operational cyber security management, and a clear understanding of how to apply it across a complex, multi-site organisation.


It is a dynamic and high impact role where you will provide expert advice to Senedd Members and Commission Staff on technical security requirements helping shape and deliver the Senedd ICT strategy.

Job description

Your work will directly support the integrity of our democratic processes by ensuring robust compliance and governance across the organisation.


You will lead on the design and delivery of a technical architecture that controls and mitigates our cyber security risk. Through this, you will ensure that we satisfy any related legal and regulatory responsibilities and deliver a compliant environment that can continue to evolve in line with the Senedd requirements.


Working closely with Senedd Members, Independent Advisors, auditors and senior managers you will define our cyber security strategy and continually assess the effectiveness of the Senedd's information security arrangements.


Reporting to the Head of Infrastructure and Operations, you will manage and coordinate the security controls and processes that underpin our information security framework, such as, vulnerability management and incident response.

Person specification

Key tasks:

Security Architecture Design:

Develop and maintain the organisation's ICT security architecture, ensuring alignment with business objectives, regulatory requirements, and industry best practices.

Threat and Vulnerability Management:

Define and implement architectural standards for threat detection and vulnerability management, including automated scanning, penetration testing, and threat modelling.

Secure System Assurance:

Lead the technical assurance of new systems and services, embedding secure-by-design principles and conducting cyber risk assessments to ensure resilience and compliance.

Incident Response Architecture:

Architect and validate incident response capabilities, integrating them with monitoring and alerting systems to enable rapid and effective response to security incidents.

Technical Advisory and Communication:

Provide expert guidance to Senedd Members, Senior Officials, and technical teams on security architecture, translating complex concepts into clear, actionable advice for both technical and non-technical audiences.

Collaboration and Governance:

Work closely with the Governance and Assurance Service to embed security architecture into risk management processes and drive continuous improvement in technical assurance.

Security Awareness and Training:

Promote architectural security awareness across the organisation through policy development, technical training, and the integration of secure design principles into operational practices.

Standards and Compliance:

Establish and maintain security architecture standards aligned with frameworks such as ISO 27001, NIST, and Cyber Essentials Plus, ensuring consistent application across ICT systems.

Technical Problem Solving:

Lead the resolution of complex security architecture challenges, providing expert input on secure system design, integration, and remediation strategies.

Line Management Responsibilities:

The role includes direct line management of cyber security team members, fostering a collaborative and supportive environment. Responsibilities involve setting clear objectives, conducting regular one-to-ones, supporting professional development, and ensuring the team operates in line with organisational values and performance standards. Additionally, the post holder will be expected to mentor staff, oversee workload allocation, and provide guidance to ensure the effective delivery of security architecture functions across the organisation.

Job Specific criteria:



1. Proven experience in designing and implementing security architecture within a large, multi-site organisation, with the ability to communicate complex technical concepts clearly to stakeholders at all levels--including translating architectural decisions into business-relevant language for non-technical audiences.



2. Deep technical understanding of cyber security principles, threat landscapes, and mitigation strategies, with the ability to apply these effectively to the organisation's infrastructure, applications, and operational processes in alignment with strategic objectives.



3. Demonstrable experience in leading end-to-end improvements to ICT security architecture, including the design, delivery, and integration of secure systems and services, as well as managing project lifecycles and ensuring smooth service transition into operational environments.

Benefits

------------


Alongside your salary of 47,254, Welsh Parliament contributes 13,689 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.Learning and development tailored to your role An environment with flexible working options A culture encouraging inclusion and diversity A Civil Service pension with an employer contribution of 28.97%

Things you need to know

---------------------------

Selection process details

Details of the Selection Process:



Candidates are required to complete an application form through our recruitment portal addressing the job specific and desirable criteria.



Closing Date for applications:

23:59 24 November 2025.



Your application must be submitted before midnight on the closing date.

You will be updated on your progress via the email address you first register with. Please check your Junk Mail and Spam folders to make sure you don't miss any future correspondence.



Interviews will be held on: 10 or 11 December 2025.



Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check .



See our vetting charter .
People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:


UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements

Working for the Civil Service

Please note this Post is NOT regulated by the Civil Service Commission.
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy .

Apply and further information

---------------------------------


Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

#

Job contact :

Name : Recruitment Team Email : jobs@senedd.wales Telephone : 03002007588
#

Recruitment team

Email : jobs@senedd.wales

Further information

https://senedd.wales/commission/work-for-the-senedd-commission/