The Centre for Data Ethics and Innovation, a directorate in the Department for Science, Innovation and Technology is leading delivery of a pilot project to explore the application of novel privacy enhancing technologies (PETs) - e.g. homomorphic encryption, secure multi-party computation, secure enclaves, federated analytics, differential privacy to enable collaboration on healthcare data held across jurisdictions. We are collaborating with two data owners who hold structurally and semantically similar datasets which they will make available for such a pilot, each hosted in a different jurisdiction.

We are seeking a privacy engineering and PETs expert to lead the system architecture design, collaborating with the data owners and other relevant technical teams to design a system that will be privacy-preserving by design, enable meaningful and accurate data analysis, and provide a straightforward user experience to the researcher carrying out analysis.

As a Security Architect your main responsibilities will be to: 

• Describe the privacy requirements of the datasets and define an appropriate privacy threat model for the system.
• Provide an analysis of different possible PETs-based solutions, listing costs and benefits, and providing recommendations on which solution to pursue.
• Sketch out theoretical proofs of privacy guarantees based on the chosen threat model.
• Derive theoretical values for the compute/memory/network overhead introduced by the use of PETs.
• Clearly list any foreseeable outstanding privacy or performance issues and describe potential mitigations.
• Articulate clear justification for how the proposed solution meets the design requirements.
• Define the user journey for a researcher using the platform, and list potential strengths, weaknesses, and mitigations.
• Provide options for delivery, including estimated timelines and costs for each option.

Essential:

• Demonstrated experience designing and building privacy engineering solutions.
• Demonstrated experience working with one or more of the following technologies: federated learning, homomorphic encryption, secure enclaves, secure multi-party computation, differential privacy.
• Experience in communicating technical concepts to a range of technical and non-technical audiences.
• Strong management and leadership skills, with the ability to collaborate effectively with diverse stakeholders.

Desirable:

• Certified Information Systems Security Professional (CISSP), Certified Information Privacy Technologist (CIPT), or related certification.
• Experience working with healthcare data.
• Knowledge of the UK GDPR and HIPAA.

If this role sounds like something that you would be interested in, please click the link to apply or get in touch with daniel.mcbride@publicsectorresourcing.co.uk 

Disability confident 

As a member of the disability confident scheme, DESNZ guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group.

If you qualify for the above, please notify us on PSRapplications@publicsectorresourcing.co.uk.

We will be in touch to discuss your suitability and arrange your Guaranteed Interview.

Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know.

In applying for this role you acknowledge the following this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different.

Please be aware that this role can only be worked within the UK and not Overseas.