Security Architect

NNL/TP/32602/1489

This job has been closed.

Number of Positions:
1
Contract Type:
Permanent - Full Time
Salary:
Salary starting at £47,706
Working Hours:
39 Hours
Location:
Risley, Cheshire
Closing Date:
08/06/2022
Business Area:
IT
Post / Zip Code:
WA3 6AE

Job Introduction

Job Description for Security Architect:

There’s never been a more exciting time to be part of the nuclear sector. New opportunities are being created all the time. At NNL, you’ll be in the ideal place to capitalise on this momentum, face new challenges and develop a long, successful and meaningful career. 

We’re an organisation that’s here to experiment and push the limits of what’s possible. So, if you’re keen to excel in your chosen field, this is the place to do it. Because at NNL, anything is possible.

The NNL operate a hybrid infrastructure and continue to lead the way in maximising the use of cloud technology in the nuclear industry. As a member of the Architecture Team, the Security Architect will be responsible for the technical security of NNL assets and infrastructure.

The location for this role is flexible and can be based at Risley, Preston, Culham, Stonehouse or Workington.

Main Responsibilities

Main Responsibilities for Security Architect:

  • Maintain an overall perspective on technology and security issues, events and activities, with an understanding of their wider implications and long-term impact. This could include determining patterns, standards, policies, roadmaps and vision statements focusing on outcomes, solutions and activities.
  • Document or derive business, security and or technical requirements.
  • Design innovative solutions in accordance with our architecture principles.
  • Apply Secure by Design principles.
  • Be proactive and continually improve the performance and security of our technology estate.
  • Create proof of concepts and undertake solution assessments / fit gap analysis.
  • Produce HLD’s, LLD’s, Target State Architectures, Roadmaps, Blueprints, Build Books, Test Plans.
  • Build and implement small to medium scale solutions and or take the lead for large-scale solutions.
  • Ensure deployed solutions are aligned to functional and non-functional requirements and provide technical sign-off for service transition.
  • Analyse buy over build position considering financial and operational considerations.
  • Work with 3rd party suppliers to resolve issues (i.e. SOC or NOC).
  • Be accountable for the technical security of the NNL technology estate.
  • Analyse the current environment to detect security deficiencies and ensuring fixes are implemented in line with policies.
  • Maintain awareness of developments in the security and technology industry to ensure that the technology landscape is kept secure in line with industry standards.
  • Develop architecture patterns and security approaches to new technologies.
  • Author Risk Balance Cases and providing technical input into RMADS or other official security related documentation.
  • Inspire and influence others to execute security standards, policies and principles.

The Ideal Candidate

Essential Criteria for Security Architect:

  • Highly competent in designing secure system architectures through the application of patterns and principles, to meet user needs whilst managing risks.
  • Experienced in turning business problems into technical designs by designing systems characterised by managed levels of risk, business, and technical complexity and meaningful impact.
  • Demonstrable knowledge and understanding how governance works, what governance is required and taking responsibility for the assurance of parts of a service knowing what risks need to be managed.
  • Practical understanding of architecture methodology e.g. TOGAF.
  • Maintain knowledge of current and future digital trends and be able to demonstrate successful application to solve real world business problems.
  • A demonstrable track record working in a similar role.
  • Have a strong conceptual and practical understanding of the Microsoft Cloud, Office 365 platform and business productivity tools including for example Power Platform.
  • Applying security concepts to a technical level, working with security tools, network security infrastructure technologies and Information Security Management frameworks (e.g. ISO 27001, CoBIT and SOX).
  • Understanding and applying industry standards including for example NCSC information security guidance and architecture patterns.
  • Interpreting information and guidance from our SOC and converting these into actionable instructions to our infrastructure and operations teams.
  • Proficient in evaluating the security of applications and architectures using both manual and automated techniques (e.g. code security scanners, web vulnerability scanners and assessment support tools) to identify security issues.
  • Experienced in scoping and working with third party penetration testers for an accredited or regulated environment.
  • Understanding security architecture methodology e.g. SABSA.
  • To have a CISA, CISSP, CISM or CIA certification.
  • To have CRTSA (Crest Registered Technical Security Architect).
  • Ability to obtain SC level security clearance (this includes but is not limited to identity, employment, financial and criminal record checks plus 5 years’ worth of UK residency).

Desirable Criteria for Security Architect:

  • Experienced in scoping and working with third party penetration testers for an accredited or regulated environment.
  • Understanding of SABSA.
  • CISA, CISSP, CISM or CIA certification.
  • CRTSA (Crest Registered Technical Security Architect).

About The Company

Grounded in robust science and decades of experience, National Nuclear Laboratory (NNL) is the authoritative voice in the UK and beyond for technological development within the nuclear power sector.

Our unparalleled understanding of the science, challenges and opportunities makes us an unrivalled authority and partner in the field, providing experts, technologies, and access to cutting-edge facilities to organisations around the world.

Harnessing potential technologies and translating them into to industry-ready solutions means our pioneering approach spearheads international improvement and technological progress.

We work on projects as small as drilling a hole to analyse underground wastes with our integrated micro drilling technology, or as large as developing state-of-the-art power systems for spacecraft, based on radioactive materials

NNL has a vision for Equality, Diversity and Inclusivity (ED&I) where NNL aims to be an inclusive workplace that attracts diverse talent through transparent and equal policies and procedures. We want you and the diverse mix of people that we employ, customers that we service and stakeholders that we influence to feel valued. We encourage a workplace culture where everyone can thrive with a sense of belonging.

Recruitment Agency Notice

We operate a strict Preferred Supplier List (PSL) for the provision of recruitment services. Only agencies on our PSL may provide CVs and only when the role is released to them by our recruitment team. We will not accept unsolicited CVs from suppliers not currently on our PSL. We explicitly reserve the right to add candidate details from unsolicited CVs from non-PSL agencies into our own candidate database and to pursue/hire such candidate(s) without any obligation, financial or otherwise, to the agency concerned.