Network Security Architect

The Job

The Team within Network Strategy is responsible for delivering strategy and high-level architecture for enterprise wide Transport, IT and Mobile services technology security.

This opportunity is for a security architect to become involved in a mixed technical/business role with the fastest growing and most innovative mobile operator in the highly competitive UK telecoms industry. This role is critical in helping the strategy and architecture team to provide end-to-end transport security architecture governance based on policy, compliance and legislative requirements, and technology security patterns for our enterprise transformation programme.

The role will involve reflecting strategic principles in the creation of new, and refinement of existing, high level target architectural patterns and principles to meet the needs of the transformed business. Working closely with various managed services partners, you will govern the production of end-to-end delivery architecture and design artefacts to ensure they achieve appropriate risk-managed compliance to the target architecture.

The role will include architectural steer and governance of enterprise IT and Network:

• Security controls and services with respect to preserving levels of confidentiality, integrity, availability and privacy that are risk appropriate and aligned to target architecture.
• Secure Internet connectivity patterns for public facing services.
• Secure connectivity between services in different public/private off premise external IT cloud providers i.e. Microsoft Azure IAAS, AWS IAAS, various SaaS providers
• Secure connectivity within and between the public/private off premise external IT cloud providers (where appropriate)
• Secure services required either within and between the private/public IT clouds i.e. identity and access management, secure transport, load balancing, DNS, etc
• Automation of security controls where possible; and use of such technologies including SDN, SIEM, DoS, NFV controls where appropriate
• Identification and expression of security risks, within a particular architecture or design decision.:Responsible for the governance of a high-level target network security architecture which offers the best solution for risk mitigation, performance, economics and customer experience. Ensuring the architecture and design satisfy the legislative, regulatory and contractual obligations of a telco services supplier within the UK market.Liaise with legal and regulatory team, and IT asset owners to identify information artefacts in scope of specific network security requirements.
• Definition and creation, where applicable, of supporting architectural principles, requirements and policies to provide a common body of reference artefacts to various managed service partners.Support the risk process in identifying, categorising and managing risks throughout the IT and Network security delivery.
• Ensuring strategy and architecture is executed via the appropriate solution delivery teams and overseeing it through to delivery to ensure that strategic business benefits are realised.Reporting to the wider security governance team within the Security steering committee and programme delivery committees as necessary to ensure parity of the security posture, within the end-to-end enterprise wide landscape.
• Supporting vendor RFI and RFQ processes and offering consultative steer on contractual requirements.Liaising with the delivery and enterprise risk teams to ensure timely and accurate management of identified risks.

• Desired Skills & Experience

Relevant industry certifications in IP networking and IT security (eg. CCIE, CISSP, CISM, CRISC)

Experience with implementing compliant architecture to support standards and regulatory agencies including NIST Cyber Security Framework and 800-53 control standards, IETF, ETSI, 3GPP, Cyber Security Essentials Plus, ISO27001, OFCOM, GDPR and PCI-DSS certification.Up-to-date knowledge IT and network security technologies, principles, services, and benefits.Excellent knowledge and experience of fixed/mobile and data centre networks and functions, the security threat landscape and relevant security mitigations.Significant experience of operating in a governance and architecture role; or a design role having end-to-end responsibility and spanning multiple technology domains.Experience of working in a technology based role and interfacing to a varied number of internal and external stakeholders.Excellent negotiation, and written and verbal presentation skills.Architectural knowledge of networking technologies such as:

• Ability to simplify analysis and present results clearly at all levels of the business - including at senior management team level.
• Experience in creating architectural artefacts aligned to common enterprise architecture framework practices.
• Ability to steer solutions based on the overall architecture without dictating the detailed design delivery.
• Experience of defining network security architectural principles and policy; and governing their implementation (particularly zoning and trust based segregation policy in DC environments).
• Ability to weigh solution viability and suitability in consideration to wider impacts i.e. risk, cost, customer impact, timescales, etc.
• Experience of identifying, rating and managing technology security risk.
• Excellent overall understanding of IP networks and IT security technology and principles within a service provider or large IT enterprise environment.

Must-have:

• Datacentre network transport and IT security,
• Cloud network transport, IT, Cloud Management Platforms (CMP's) and Cloud Access Broker security
• Software Defined Networking (SDN) and automation,
• Virtualised Applications, Containers and Network Functions Virtualisation (NFV) in cloud environments
• Security controls and services for Protection, Identification, Management monitoring, control and segregation; and
• IT Network Security Design for Web application and N-tier applications.Vendor and partner management experienceKnowledge of Telco specific regulatory and legislative environments.
• Knowledge and experience of GDPR and privacy obligations and compliance

Nice to have:

Vendor and partner management experience

Knowledge and experience of GDPR and privacy obligations and compliance

Knowledge of Telco specific regulatory and legislative environments.

Project People is acting as an Employment Business in relation to this vacancy.