Main purpose of role & level in the business:
As a Senior Security Architect in Kainos, you’ll be responsible for the design and application of industry leading security practices in the platforms and services we build for our customers. Our projects range greatly in variety, from visa and passport processing systems, to hospital medical record platforms and global financial management and HCM systems.
You’ll work with Agile delivery teams to ensure that they follow good security practices throughout the software development journey. You’ll learn about and apply new technologies and approaches, with talented colleagues who will help you develop and grow. You’ll share knowledge, and help educate people on good security practices – both customers and Kainos team members.
Minimum (essential) requirements:
- Expertise in leading the secure design of new cloud services and solutions in line with defined security strategies.
- Expertise in identifying security issues in existing system designs, including recommending sensible mitigations that balance cost, risk and usability.
- Knowledge of security standards and regulations (e.g. NCSC, ISO, SoC, NIST, PCI, GDPR).
- Experience in application architecture, software development and/or infrastructure architecture.
- Experience in testing the security of software and infrastructure using appropriate security tools.
- Experience with Continuous Security, Continuous Integration and Continuous Delivery techniques
- Experience of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls (e.g. PKI, TLS).
- Experience of mentoring and coaching members of your team and wider community.
- Excellent communication skills, with the ability to convey security complexities to audiences of various technical abilities (e.g. senior stakeholders, development teams).
- Experience of Identity management and authentication/authorisation products and patterns.
- End-to-end security involvement, including governance, risk and compliance, operational security, supply chain security and secure user management.
- Active participation in knowledge sharing activities, both within the team and at a wider capability level and externally where appropriate.
- Penetration testing qualifications (e.g. OSCP, CREST, TIGER or equivalent)
Who you are:
Our vision is to enable outstanding people to create digital solutions that have a positive impact on people’s lives. Our values aren't abstract; they are the behaviours we expect from each other every day, and underpin everything that we do. We expect everyone to display our values by being determined in how obstacles are overcome; honest when dealing with others; respectful of how you treat others; creative to find solutions to complex problems and cooperative by sharing information, knowledge and experience
These values, applied collectively, help to produce an outstanding Kainos person, team and culture.
Kainos is a high-growth IT services company providing digital technology solutions and agile software development to enterprise customers. Across our 31-year history, we have worked on transformational projects across government, NHS and a myriad of private sector clients