Job Title: Architect - Network Infrastructure Security
• Location: Swindon Head Offices, South-West England.
• Flexibility to work from home for up to two days per week – dependent on delivery pressures.
We’re looking for a talented Security Architect, with a Network Infrastructure specialism. Our mission is to define and deliver the network infrastructure security architecture required to respond to the 21st century challenges, and opportunities, of innovative digital technologies and services.
Nationwide are a significant investor in IT and communications, creating the opportunity to work with leading suppliers and technology at the fore-front of communications infrastructure and cyber security.
Who we're looking for
The successful applicant will be a security professional with depth and breadth of experience in network security architecture. The applicant must be able to demonstrate the use of appropriate architectural and security frameworks and methodologies to successfully deliver technology and change. You must be able to demonstrate stakeholder management and influencing skills up to the senior executive level. At Nationwide, Architects are expected to have the drive to develop and maintain their specialist knowledge, share skills, communicate and collaborate with their colleagues, as well as continually evolve the architectural function and output.
As a minimum requirement you’ll:
• Exhibit a strong grasp of Enterprise Network Infrastructure Security Architecture principles in a digital transformation environment.
• Have a thirst for knowledge, technology, innovation and continual improvement.
• Demonstrate and understand the importance of architecting defence in depth security control capabilities for network infrastructure and services.
• Take the daily pragmatic architectural decision-making in your stride for large scale, highly available, low latency systems delivery projects.
• Be comfortable with RFI/RFP vendor selection and creating and critiquing requirements, LLD’s, and HLD’s; and considering key compliance guidelines including GDPR & PCI DSS.
• Evidence proven expertise in securing large enterprise networks and working with stakeholders to distil fundamental technical requirements from complexity.
• Be capable of working cross-functionally to collaboratively build cohesive, deliverable, and manageable solutions; proactively identifying and resolving issues independently.
You must show excellent practical knowledge of the following technologies, be aware of their deployment choices, and the implications on security and risk:
• Virtual/Cloud Networks, Security Centre, Azure AD Multi-Factor Authentication (or similar), SecureDNS, Privileged Identity and Access Management.
• MPLS, MP-BGP, OSPF, VRF's, IPSec, L3VPN, L2VPN, QoS/CoS Traffic Management techniques, VLAN, VXLAN, SDN, NFV, Micro-Segmentation, Wireless, Spine and Leaf DC networking, Service Peering Exchanges, WAN connectivity services.
• DDoS, DoS mitigation, NGFW, IPS/IDS, Reverse Proxy, Forward Proxy, WAF, CDN
• Application Delivery Controllers & Load Balancing algorithms (F5 LTM, F5 GTM, round-robin, least conns, Global load balancing).
• TCP, TLSv3 and IPv4/6
It would be nice if you also had
• The ability to balance complex business and technical requirements and establish the appropriate network security controls as necessary to satisfy them.
• A strong grounding in the use and implementation of network security behavioural analytics using AI and ML components, and closed loop automation techniques.
• Practical experience reviewing Enterprise Architecture designs and enhancing security solutions against policy, standards and industry best practice including RFCs, NIST CSF, NIST 800-53, ISO27001/2, CSA.
• Practical experience of cloud network infrastructure architecture, service types and their network implications.
• Pertinent security and network infrastructure professional vendor/industry qualifications.
What you'll be doing
You will be empowered to engage with a wide variety of stakeholders, vendors and partners, in addition to key programmes and projects to provide clarity, oversight, and direction and maintain alignment with the target architecture. At the forefront of Nationwide’s technology and services delivery you will proactively identify any emergent technologies, threats and risks. Based on these findings you will assist in providing an architecture to encompass these and ensure that Nationwide remains at the forefront of financial services and security.
You will specifically:
• Work closely with other architects to understand and deliver the agreed strategic outcomes for the security architecture function.
• Ensure solution architecture integrity throughout the change lifecycle on projects and programmes.
• Ensure that all solutions are fit for purpose, implementable, complete and align with maturing security strategies and standards.
• Support our digital transformation agenda with technical and business savvy consultancy.
• Support our procurement process to identify and evaluate suppliers and future partners
• Work closely with our suppliers / partners to support the development of solutions and to help inform the ongoing development of our security roadmap.
The extras you'll get
If you put a lot in, it’s only fair you should get a lot out. So, if you help us do the right thing for our members, we’ll help further your career with us.
As part of our team you’ll get:
· Access to training to help you progress and develop your technical skills and career
· Pension scheme where if you pay in 7% we’ll top it up to 23%
· Life assurance worth 8x your salary
· 24 days’ holiday plus bank holidays
· The ability to 'buy’ up to 10 days more holiday
· Flexible benefits scheme giving you access to discount vouchers at various retail outlets
· Access to a Healthcare scheme
· Access to an annual performance related bonus scheme