Network Security Architect - Network Segmentation - Sheffield

• Traditional Data Centre technologies, network segmentation with physical and virtual firewalls and other technologies used in network segmentation, like MPLS/eVPN.
• Software Defined Networking and segmentation within private cloud environments
• Segmentation within Public cloud environments
• Segmentation within containerized environments
• Macro- and micro-segmentation

• Security assessment and threat modelling as an input to security design.
• Understanding and interpreting regulatory requirements
• BizzDesign, Archi, or generic UML visualisation experience for high-level designs
• Working proficiency in Jira for project & tasks management
• Working proficiency in Confluence for documentation

• Collaborate extensively and align directly with Security Architecture colleagues and produce high quality detailed artefacts
• Produce, manage, and update end-to-end solution designs in line with reference architecture & business requirements
• Articulate and publish key design decision records and options to ensure all solutions follow a logical, transparent decision-making process
• Articulate, publish, and ensure approval of any design deviations resulting in technical debt
• Ensure any technical risks or issues arising from a solution design are recorded and mitigated.
• Produces, manages and translates the requirements into the architecture for that solution, ensuring technology and services meet the customer needs and expected business outcomes
• Ensures the design of the solutions are efficient, timely and cost effective throughout the project lifecycle
• Clear understanding of both the motivations of the business and technical security
• Promote strong documentation and clerkship
• Conduct multi-layered assessments to identify segmentation opportunities and control gaps at network, platform, and application level.
• Document solution designs in line with regulatory expectations (e.g. DORA), ensuring traceability from policy to control execution, and evidencing control effectiveness.
• Support implementation of the Network Segmentation Target Operating Model, including the definition and improvement of supporting processes related to the Architecture Control.

• Update or create architectural design documents
• Align patterns and standards with actual implementations
• Embed controls into product roadmaps
• Support teams beyond security, acting as a reference point across engineering, architecture, and service operations to ensure cohesive design and implementation.
• Contributing to security governance and assurance by embedding traceable, repeatable, and documented design decisions and other architectural artefacts into the solution delivery lifecycles.

• Ensures all high-level designs, architecture patterns, decision records, deviation requests, and technical risks or issue records undergo architectural and project governance processes
• Ensure all architecture artefacts undergo appropriate peer review prior to design authority presentation
• Present publications at technical design authorities for input, feedback, and approval

• Effectively manages and escalates both technical and project risks or issues
• Articulates solutions and remediation steps to technical risks & issues
• Ability to map design decisions to resultant technical risks & issues to articulate the cause and rationale which leads to any negatively impacting change

#LI-DNI