Who we are looking for
A Platform Security Architect
who will proactively offer solutions to security challenges within broader deliverables.
Through your expertise in Network Security you will work collaboratively with the wider business to ensure parity of the security posture across the enterprise. You will remain hands-on, designing security solutions across a large complex environment with demanding functional and non-functional requirements, as well as being a stakeholder in wider ranging initiatives.
You will have a strong background in network engineering and an innovative approach to meet the demands of an expanding fast-paced online business.
This role requires strong interpersonal skills as you will communicate security related concepts in an articulate and confident manner to senior stakeholders and staff of varying technical abilities.
If you are a specialist in security architecture with a deep and wide technical background across multiple security domains, in particular Network and Cloud Security, please get in touch to find out more about this opportunity where you could play a key role.Main Responsibilities:
Preferred Skills and Experience:
- Translating business needs into effective and sustainable solutions; balancing industry standard methodologies with the risk appetite of the business.
- Taking responsibility for the definition of a high-level target network security architecture which offers the best solution for risk mitigation, performance and business agility whilst satisfying compliance and regulatory requirements.
- Supporting projects and initiatives acting as the platform security SME across the Platform Infrastructure domain.
- Defining new and refining existing transport network security policies and architectures.
- Providing security assurance helping the department to exploit new and emerging technologies in a timely manner.
- Challenging and gaining support for platform security initiatives, adapting to future company aspirations, security obligations and new services.
- Supporting the Internal Audit team to review and evaluate the design and operational effectiveness of Platform security-related controls.
- Contributing to the development of Cloud Security practices.
- Providing technical leadership to the Network Security team by coaching, mentoring and helping to develop a team of Engineers.
- Conducting R&D and providing a roadmap of initiatives to support the business.
- Experience of identifying and managing technology security risk.
- Significant experience of operating in a governance and architecture role; or a design role having end-to-end responsibility and spanning multiple technology domains.
- Ability to steer solutions based on the overall architecture without dictating the detailed design delivery.
- Broad technical infrastructure experience at scale covering modern compute and orchestration stacks, as well as networking.
- Strong working knowledge of security infrastructure such as firewalls, intrusion prevention systems (IPS's), web application firewalls (WAF's), endpoint protection, SIEM and log management technology, encryption, certificate authority.
- Widespread knowledge of IP and network security vendors and solutions.
- Solid understanding of DevOps principles and Infrastructure as a service concept.
- Knowledge of threat modelling techniques and awareness of common threats and implementation failings.
- Appreciation of datacentre technologies to meet modern workloads such as virtualisation and containerisation, and the application of security principles around these e.g. policy driven micro-segmentation.
- Relevant industry certifications (e.g. CISSP, CEH, CISM) and knowledge of PCI DSS, ISO 27001 or equivalent certification frameworks.