Solutions Designer

We are hiring a solution designer/Enterprise architect (GCB3 equivalent) position in London/Sheffield for 6 months on a hybrid model.

Job Description:

Net Segmentation Solution Designer / Enterprise Architect (GCB3 equivalent) Security Solution Designers own and are responsible for providing Reference Architecture related to Network Segmentation and security controls applied to ensure applications, environments, regions and business units are appropriately secured to limit blast radius and traversal throughout the network. This role must ensure that all relevant artefacts are created in collaboration with key stakeholders across the bank, and approved via the appropriate governance to ensure an end-to-end traceability from threats, risks and vulnerabilities through to implementation. Security Solution Designers should be comfortable presenting and sharing solutions at design authorities and senior leadership & stakeholders. Additionally, the Security Solution Architect will provide technical thought leadership and direction to their aligned projects and may stand in as subject matter experts and consultants related programmes.

Principal Preferred Requirements

• Cybersecurity Expertise: Significant experience and proven technical depth within the following domains: network segmentation (inc. micro), network isolation, application segmentation, application security, SDLC and lower environments security.
• Practical experience of network segmentation of an existing network into zones, segments, end-to-end segregation from design through to delivery and migration (e.g. refactoring, deployment), and accompanying standards.
• Documentation of the above areas including but not limited to: Standards, Patterns, Strategies, Roadmaps and recommendation papers positioned at senior leadership level as well as for engineers.
• Deep and extensive knowledge of industry standard frameworks around the security of networks and applications (e.g. NIST, SANS, ITU).
• Experience and understanding of threat modelling, risk assessments and maintaining a data-driven evidence-based approach to decision making.
• Significant experience dealing with regulatory bodies globally, from requirements to audits.
• Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level.

Qualifications & Certifications:

• Bachelors or Masters degree in Cybersecurity, Computer Science, Software Engineering, or related scientific or mathematic field.
• SABSA, TOGAF certification or related industry-recognised certifications.
• Network infrastructure qualifications, along with Application security (e.g. CEH or similar).

Platform & Technology:

• Working practical knowledge of legacy and modern networking infrastructure.
• Experience with both inter and intra-zone security controls (e.g. WAAP, NIPS/NIDS, NGFWs, DDoS, API Gateways, Reverse Proxies, AuthNZ).
• BizzDesign, Archi, or generic UML visualisation experience for high-level designs.
• Working proficiency in Jira for project & tasks management.
• Working proficiency in Confluence for documentation.

Principal Accountabilities and Responsibilities

• Architecture & Design: Collaborate extensively and align directly with Security Architecture colleagues and produce high quality detailed artefacts.
• Liaise with key stakeholders across the bank to understand requirements, constraints, technical debt, initiatives and drivers and keeping communication lines open and transparent.
• Producing and documenting clear, concise and accurate Reference Architecture including Standards, Patterns, Roadmaps and Strategies.
• Articulation of problem statements, technical debts, decisions and risks to senior management.
• Seeking and gaining buy-in where necessary from stakeholders to ensure pragmatism in a global fast-paced environment.
• Ensuring governance is being followed and providing data-driven evidence in order to ensure decisions can be appropriately taken.
• Liaising with PMOs, BAs, SAs, SMEs and Policy owners to ensure requirements are being appropriately captured and delivered against in artefacts.
• Production of strategies, standards, patterns and roadmaps, along with future-state architectures that describe the approach, benefits, timelines and dependencies.
• Clear understanding of both the motivations of the business and technical security.
• Promote strong documentation and clerkship.

Governance:

• Managing challenging stakeholders, feedback and review and ensuring the right outcomes.
• Ensure all architecture artefacts undergo appropriate peer review prior to design authority presentation.
• Present publications at technical design authorities for input, feedback, and approval.

Risk and Dependency Management:

• Effectively manages and escalates both technical and organisational risks or issues.
• Articulates solutions and remediation steps to technical risks & issues.
• Ability to map risks & issues to articulate the cause and rationale which leads to any negatively impacting change.

Leadership & Teamwork:

• Clearly and pragmatically communicates verbally and in writing to all stakeholders to ensure collaboration is always at the forefront.
• Provides technical thought leadership in their domain of expertise.
• Willingness and ability to work across information technology as a cybersecurity SME.

Cloud Transformation:

• (Migration) Understanding non-functional requirements, producing artefacts such as deployment architecture, interface catalogue, identify internal and external dependency, vendor and internal IT management, support build and testing team.
• (Modernization) Understanding and defining target architecture in Integration space, assessing project pipeline/demand and align to target architecture, technical support of delivery team in terms of POC and technical guidance.

Mandatory Skills: Proxy.