Security Architect (Inside IR35) Full Time

eTeam Inc.

Security systems designer to work on HLD, LLD for on-boarding EMS, DNE, Ironman mgmt systems, VNF LSO, secure builds, PaaS design and CI/CD.
The primary purpose for this role would be providing E2E Security Design and Solution Specific Security Design (HLD/LLD) for a Telco Cloud Hybrid management platform.

What you’ll do:

The Security Architect role drives complex design, development, and implementation activities in order to provide security design related services to the business. The position focuses on the strategic greenfield implementation of a hybrid cloud platform (using VMware and AWS) together with the underpinning security services and controls.
Partner with all stakeholders and external vendors to design, develop, deploy and support the best possible solution to meet client business needs. 
Responsible for providing architectural leadership to the team to ensure compliance and adherence of products and services is to the defined architecture specifications, requirements, and industry best practices in a timely manner.
Assess, define collect and define business requirements with the view to be used to a target security designs across the network management platform
Communicate design approaches and recommendations effective to gain stakeholder approvals and agreements
Coordinate design activities across multiple teams and services to ensure successful completion of complex projects
Develop both technical and functional solutions that integrate with business processes
Develop E2E Security Design (HLD) for the hybrid cloud (using VMware and AWS) network management platform
Develop Security Design (HLD/LLD) for specific security controls but not limited to: Firewalls, Proxy, AWFs, API Gateways, Managed File Transfer, Remote Access VPN, SDN VMWare Security, CI/CD Pipeline, Security Vulnerability Scanning and PenTesting.

What you’ll bring:

Minimum 5 years’ experience working as a Security Architect (such Security Enterprise Design Architect, Lead Security Designer, Security Architect)
Expert knowledge of security architectures, technologies, standards and industry guidelines, especially those applicable to Public Cloud (SaaS, PaaS, Iaas) and Private/Hybrid Cloud.
Proven experience in project delivery/consultancy role. End to end security design delivery from requirements to solution readiness and operational transition.
Proven experience in security designing and implementing security solutions deployed to a private cloud (preferable VMWare) and public cloud (preferable AWS)
Proven experience in producing high-level and low-level designs for security related cloud (private and public) products and features
Wide range of technical experience across multiple Security domains

Demonstrate a deep understanding of security concepts and can apply them to a technical level to guide engineering teams, for example:

Logical Security Segmentation
Private and Public Cloud IP Network Security: SDN Security, Host Group, Network Group Security
Security automation and orchestration
Security Controls (Firewalls, WAFs, API Gateways, Proxy, Managed File Transfer, IPSec)
Layer 7 Inspection and detection, EDRs
IP Routing experience – underlay and overlay (SDN)
Boundary controls, network segmentation and access control
Working within environments utilising DevOps, DevSecOps, SRE, CI/CD, Infrastructure and Security as Code (Docker, Kubernetes, Git, Terraform, Ansbile, Jenkins)
Cryptographic knowledge including encryption, key exchange, certificate handling and protocols (x509, PKCS12 etc)
Authentication, Authorisation and Accounting concepts and best practice
Familiarity with compliance & security standards across the security domain such as NCSC, NIST, CIS
Creating complex technical designs and diagrams using diagram and vector graphics applications (Visio, Lucidchart, etc.)
Excellent communication skills with the ability to convey complex technical and non-technical concepts in verbal products & excellent writing skills
One or more high-level security certification technical security certifications (eg CCSP, CISSP, AWS Certified Solution Architect)