Security Architect (contract)

Company Description

About Us

One team. Global challenges. Infinite opportunities. At Viasat, we’re on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We’re looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.

Job Description

What you'll Do

As Viasat continues to mature our internal technology stack, and develop commercial cyber security products and services, we recognize the value of formal information security architecture & engineering processes as key enablers of such activities. It is the planning process that provides the models, templates and principles that are used to design, implement and operate cyber and information security solutions. It enables consistency, leverage and reuse to satisfy the business requirements for security services in an optimum manner, but it is the effective implementation and operation of these capabilities that will ensure the success of the security strategy and organisation’s risk management objectives.

The Security Architect plays an integral role in leading on defining and assuring security requirements and controls within Viasat's networks. The role will require the individual to effectively collaborate with Security Architecture & Engineering and Operational network teams in order to define Network security solutions and operational strategies.

The role demands business insight; technical acuity; and strong team management and stakeholder engagement skills.

The day-to-day

• Work in collaboration with the Security Architecture & Engineering to provide network security subject matter expert guidance
• Provide security control and architectural requirements to support business networking projects, product development and change & transformation initiatives
• Develop and maintain network security design, policy, standard and process artefacts
• Review existing network security capabilities and define roadmap and strategy for security enhancements
• Work directly with IT and operational network teams to support with business as usual security requirements
• Represent Security Architecture & Engineering on technical, design, strategy and change forums and working groups
• Continue development of techniques, processes and team expertise in order to improve the capability, efficiency and market competitiveness of team’s security services offering
• Perform other duties as assigned

Qualifications

What you'll Need

• Proven knowledge on networking technologies, evidenced with minimum level Professional vendor and industry certifications
• Industry recognised network and network security certification
• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials, is desired
• Combined IT, Network and security work experience, with a broad exposure to infrastructure/network and multiplatform environments
• Proven knowledge and experience in providing security control and architectural requirements to support networking design and architecture: IPv4, IPv6, dynamic routing protocols, switching, layer 3 to layer 7 firewalling, remote connections, MPLS, datacentre design, virtual networking, SDN/SDWAN and firewalling; in existing, legacy and greenfield corporate and operational technology networking environments
• Knowledge of TCP/IP stack, standard networking protocols, encryption technologies
• Knowledge of cloud based network and security technologies and principles
• Expert technical knowledge of network and security device configuration
• Expertise in network security areas including firewalling, application firewalling, IDS/IPS, NAC, threat intelligence, DDoS Mitigation, proven experience in configuration and administration of security devices from leading vendors
• Experience in supporting design and implementation of secure third party access or interconnecting alien networks with on premises networks
• Knowledge of secure implementation of application layer controls including web content filtering proxy, reverse / forward proxy
• Knowledge of privileged access management solutions
• Experience with team management and mentoring
• Expert knowledge of network security design best practice standards and design principles including segmentation, zone/trust models
• Capability to write clear and structured technical documents including Network Security Patterns and Standards, Code of Connectivity, High & Low Level design artefacts
• Capability to clearly articulate a network design at all levels (conceptual, logical, physical etc.) for technical, senior and business audiences
• Excellent skills in design and architecture tools including Visio, Enterprise Architect or similar
• Strong stakeholder management skills with the capability to collaborate with and influence both technical and operational network teams, and senior leadership
• Proven experience in writing technical and operational security procedures
• Strong work ethic with a high standard of self-motivation and desire to deliver
• Results and quality driven, while being open to constant changes in priority and focus
• Ability to work in a team environment, to work under pressure and show flexibility

What Will Help You On The Job

• Expertise in defining network security requirements to support enterprise architecture
• Experience with next generation networking technologies (e.g. SDWAN, SASE)
• Good working knowledge and experience of telecommunications and / or satellite communications network technologies
• Knowledge of security control requirements for government classified networks
• Experience with defining network security technology strategy and roadmaps
• Networking behavioural monitoring tools
• Deployment of hybrid on premises- cloud infrastructure (Azure, AWS)
• System administrator knowledge of VM technologies, Microsoft and Linux servers
• Encryption and PKI technologies
• Knowledge of a security frameworks and methodologies (for example, NIST, SANS, Mitre Att&ck, Cyber Kill Chain)
• At 5+ years working in as a security architect or can demonstrate equivalent experience
• Must be eligible to work in this location advertised.
• Individuals with SC clearance or are eligible to apply for SC are highly desirable

Additional Information

You must be eligible to work in this location advertised.

EEO statement

Viasat is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, ancestry, physical or mental disability, medical condition, marital status, genetics, age, or veteran status or any other applicable legally protected status or characteristic.