Security Architect

Company Description

Come join us and make a difference in the world!

We’re NEC Software Solutions (part of global tech giant NEC Corporation). While you read this ad, our software is helping to dispatch ambulances, support families, keep trains on the move, locate missing people and even test the hearing of newborn babies.

Working with us, you’ll be helping our 3,000+ employees push the boundaries of what’s possible and support amazing public services.

We work with governments, hospitals, police forces, housing providers, local authorities and more. We help them pay financial support faster, speed up treatments for patients and respond to emergencies in the right way. The more we do, the more our customers can do for others. And together, we make a world of difference.

We’d love your help. And we’ll support you all the way.

Discover more at www.necsws.com

Job Description

The Security Architect plays a hands-on role in day-to-day cyber security defence operations in addition to undertaking design and implementation of security enforcing technical controls. The role will benefit from a technical background and involve specification of solutions that deliver the cyber security programme of work, adhering to industry and company architecture and design principles. 

Communication and collaboration are paramount to this role, the Security Architect will be working closely with internal stakeholders on a continuous basis, understanding their needs, and designing solutions to security-oriented problems, either as new opportunities or ongoing technical refresh of existing solutions. 

Experience delivering architectures to UK Government, Health and Policing as a Security Architect will be of high relevance for this post however, a good understanding and practical experience of security principles is more relevant. Support and training will be provided to successful candidates irrespective of experience developing an understanding of specific security concepts and technologies.  

The successful candidate will be able to demonstrate recent experience in the design, implementation and operation of security technologies and infrastructure. Experience working within DevSecOps teams to develop and maintaining a robust security architecture for cloud-based services, and creating and maintaining security assurance documentation would be advantageous.

The successful candidate will join the central architecture team that comprises enterprise, security, technical and solution architecture disciplines.

Responsibilities will include: 

• produce security architecture designs meeting business requirements within the overarching architecture framework. 

• work closely with other architects within the architecture practice and across the wider business collaborating on designs to ensure they are secure by default.

• support application development and product teams providing threat and risk assessment, advice and guidance to enhance the security and privacy of any application or service. 

• support the bid and sales team providing security architecture expertise, producing security focused responses to questionnaires and tender documentation. 

• work closely with the wider cyber security team providing security expertise, responding to security questions and undertaking impact assessment of emerging vulnerabilities and CVEs to ensure that remediation and actions taken are appropriate.

• present security architecture designs to the technical assurance board and support the technical assurance process based on specialist knowledge and experience.

• produce security assurance documentation for internal and customer services.

• support or be responsible for the implementation of security architecture designs providing knowledge transfer to support teams and hands-on support where necessary. 

• support the technology roadmap process undertaking and presenting investigations related to new and existing security focused technologies enabling controlled technology adoption. 

• undertake continuous learning to maintain knowledge of the key security technologies in use by NEC, emerging technology trends, and industry standards to support business innovation through intelligent use of IT. 

Qualifications

Essential 

• Proven experience producing high quality architecture designs within a small to medium size enterprise environment.

• Proven understanding of security and non-functional requirements and their impact on solution design, can demonstrate strong awareness of security ensuring that technical designs provide sufficient protection for systems and workloads

• Understanding of secure development practices within a secure software development lifecycle, experience of DevOps / DevSecOps practice.

• Experience designing, developing and implementing solutions deployed to public cloud platforms.

• Demonstrates a good working knowledge of end user, compute, networking, storage technologies, including desktop and server virtualisation technologies, network switches and firewalls, perimeter boundary protection, and SANs. 

• Good hands-on design, implementation and operational experience working with security focused technologies across end user and server computing such as Anti-Virus and Malware, Encryption, Device control, Protective Monitoring. 

• Strong interpersonal skills, demonstrating a variety of influencing styles to enable effective completion of tasks both individually and within groups. 

• Ability to manage concurrent projects employing effective time management skills. 

• Desire to undertake self-learning to ensure awareness of emerging technologies and potential security threats. 

Desirable 

• Working knowledge of threat modelling methodologies to conduct threat-modelling against new applications and services. 

• Experience assessing the risk profile of software solutions through formal risk assessment methodologies. 

• Experience designing and implementing solutions deployed to a multi-tenanted community cloud platform. 

• Experience designing and delivering solutions within the UK Government domain. 

• Familiarity with compliance & security standards across the enterprise IT landscape such as ISO 27001 and NCSC Cyber Essentials, as well industry security requirements such as NIST and CIS. 

• Familiarity with ITIL service management principles & tools, and their use in an enterprise environment.

Additional Information

We are proud of the benefits we offer employees of NEC Software Solutions 

• Private Medical Cover funded by NEC for Employees (with the option to add family members at an additional cost)
• 25 days paid holiday with the option to buy/ sell 
• 4 x basic salary life assurance cover funded by NEC (with the option to increase cover at an additional cost)
• A Group Pension Plan with fantastic employer contributions up to a maximum of 8.5%
• A fantastic selection of flexible benefits to suit your individual needs
• We are an employer who cares, we have a invaluable employee assistance programme which can help in every area of your life

Candidates must be able to demonstrate a pre-existing right to work and travel within the UK. Documentary evidence will be required.

All offers are subject to satisfactory vetting and reference checks.

NEC Software Solutions is an equal opportunities employer, welcoming applications from all communities.

All offers are subject to satisfactory vetting and reference checks. Depending on the nature of the role a Disclosure Barring Service (DBS) check may also be required. This role will require a higher clearance such as SC and NPPV +SC Clearance (or be able to apply for this level of clearance).