Network Security Architect

Network Security Architect

Project People are currently recruiting on behalf of a Global Telecommunications Company that is at the forefront of the mobile internet revolution with a network built for the Internet.

Scope

The Transport Team within Network Strategy is responsible for delivering strategy and high-level architecture for enterprise wide Transport, IT and Mobile services technology security.

This opportunity is for a security architect to become involved in a mixed technical/business role with the fastest growing and most innovative mobile operator in the highly competitive UK telecoms industry. This role is critical in helping the strategy and architecture team to provide end-to-end transport security architecture governance based on policy, compliance and legislative requirements, and technology security patterns for our enterprise transformation programme.

The role will include architectural steer and governance of enterprise IT and Network:

• Security controls and services with respect to preserving levels of confidentiality, integrity, availability and privacy that are risk appropriate and aligned to target architecture.
• Secure connectivity between services in different public/private off premise external IT cloud providers i.e. Microsoft Azure IAAS, AWS IAAS, various SaaS providers
• Secure services required either within and between the private/public IT clouds i.e. identity and access management, secure transport, load balancing, DNS, etc
• Automation of security controls where possible; and use of such technologies including SDN, SIEM, DoS, NFV controls where appropriate
• Identification and expression of security risks to Three within a particular architecture or design decision.

Responsibilities

• Responsible for the governance of a high-level target network security architecture which offers the best solution for risk mitigation, performance, economics and customer experience.
• Ensuring the architecture and design satisfy the legislative, regulatory and contractual obligations of a telco services supplier within the UK market.
• Liaise with legal and regulatory team, and IT asset owners to identify information artefacts in scope of specific network security requirements.
• Support the risk process in identifying, categorising and managing risks throughout the IT and Network security delivery.
• Ensuring strategy and architecture is executed via the appropriate solution delivery teams and overseeing it through to delivery to ensure that strategic business benefits are realised.
• Supporting vendor RFI and RFQ processes and offering consultative steer on contractual requirements.
• Liaising with the delivery and enterprise risk teams to ensure timely and accurate management of identified risks.

Desired Skills & Experience

Must-have:

• Relevant industry certifications in IP networking and IT security (eg. CCIE, CISSP, CISM, CRISC)
• Excellent overall understanding of IP networks and IT security technology and principles within a service provider or large IT enterprise environment.
• Experience with implementing compliant architecture to support standards and regulatory agencies including NIST Cyber Security Framework and 800-53 control standards, IETF, ETSI, 3GPP, Cyber Security Essentials Plus, ISO27001, OFCOM, GDPR and PCI-DSS certification.
• Experience of identifying, rating and managing technology security risk.
• Excellent knowledge and experience of fixed/mobile and data centre networks and functions, the security threat landscape and relevant security mitigation.
• Experience of defining network security architectural principles and policy; and governing their implementation (particularly zoning and trust based segregation policy in DC environments).
• Significant experience of operating in a governance and architecture role; or a design role having end-to-end responsibility and spanning multiple technology domains.
• Experience of working in a technology based role and interfacing to a varied number of internal and external stakeholders.

Nice-to-have:

• Vendor and partner management experience
• Knowledge and experience of GDPR and privacy obligations and compliance
• Knowledge of Telco specific regulatory and legislative environments.

If you have the relevant skills for this role, please APPLY now or get in touch with Christopher Casey at Project People today.

Project People is acting as an Employment Business in relation to this vacancy.