- A proven track record in engineering secure Windows/Linux solutions in an enterprise IT context
- A proven track record in developing effective and secure networking architectures
- Experience with securing VMWare solutions
Has experience of reviewing system architectures to:
- Identify single points of vulnerability and common architectural flaws
- Identify security issues relating to configuration of components in an architecture
- Validate and explain how common attack methods are mitigated by the design identify areas where detailed technical analysis will be required to understand important nuances that could have significant security implications
- Designs and reviews system architectures for a broad range of complex or uncommon requirements to identify security weaknesses and recommend mitigations
- Designs (or significantly influences) the technical design of a system to enforce security properties that have been derived from first principles to meet a complex or uncommon set of requirements
- Follows a methodical and repeatable approach to reviewing the security of a system architecture, and can describe that approach
- Advises on security architecture implications of technological trends when applied to existing systems, such as migration to the cloud. Can explain how those technologies change the security approach required
- Contributes to new and innovative security architecture guidance for others to re-use
- Articulates security issues identified, proposes and prioritises appropriate mitigation options, taking into consideration other potential constraints (functional impact, cost etc.)Contributes to the design of system architectures that solve common business problems, including specifying required security controls
Understands the context and has required domain knowledge to tailor advice to the specific need of the customer
May have one or more technology specialisms where they are regarded as an expert in how their specialism supports security architecture design (e.g. telecoms, power, microservice architectures, identity)
· Demonstrates knowledge of internal and external sources of published security architecture guidance, including secure design principles and patterns
· Supports the design and/or review of common system architecture problems (e.g. typical website architectures or remote access solutions), using knowledge of common vulnerabilities, threats and methods of attack to identify recommended security controls, working under supervision
To strengthen your application, it would be beneficial if you have one or more of the following (but these are not essential):
· Experience/qualifications in cloud security
· Experience with common tools for information security management
· Practical experience in information security
· A broad understanding of and interest in many technologies outside your immediate expertise (including radio frequency engineering, communication technologies and mobile technologies)
TechnicalTechnical· Demonstrates broad-ranging Technical Security
knowledge necessary to understand system
architectures, including common server roles,
cryptography, key management, security technologies, virtual private networks (VPNs), load balancers, Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS)
· Has broad-ranging Technical Security knowledge necessary to understand system architectures that include common technologies (e.g. Windows and Linux servers, end user compute platforms, databases, common server roles, cryptography, security technologies, load balancers, cloud services
· Understands the application of security architecture in one or more domains - digital services, enterprise IT, operational technologies etc., as well as the other relevant inputs to architectural design in those domains (regulatory, government policy, standards etc.)
Guidant Global is acting as an Employment Business in relation to this vacancy.