Security Architect

We are currently looking for a Security Architect/Design Engineer with specific experience in Network & Infrastructure Design. This is to join an existing team with one of our financial services clients. Applicants will need to attend a client office 3 days per week; location can be a choice of Edinburgh/Sheffield/Birmingham/Manchester. The role will involve managing end-to-end solution design and delivering design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, you will be required to publish new architecture patterns, key decisions, design deviations, and technical risks and issues where appropriate. Support and maintain the in-house developed web application with an Azure hosted Data Lake backend, used for firewall rule recertification for CheckPoint, Illumio and Fortinet. The role involves architecting new features to incorporate new requirements to support WAF, Network Segmentation and Proxy capabilities. Additionally, assisting with re-platforming the service to a new infrastructure. Significant experience and proven technical depth and experience within network & infrastructure security - Network Security Controls: Firewalls, WAF, software-defined network segmentation, IDS/IPS, Proxies and NAC. Segmentation and Micro-Segmentation: Dividing the network into smaller, isolated segments to limit attack surfaces and ensuring ongoing connectivity across zones. Secure Protocols: Implementing secure communication protocols like TLS/SSL, IPsec, and SSH. Network Traffic Analysis: Interpretation & monitoring and analysing network traffic to detect and respond to anomalies. Network Security Policies: Definition and enforcement of policies for secure network operations and access. Secure Baselining: Enforcement secure configurations for systems and applications. Redundancy and High Availability: Designing systems to maintain operations and availability during failures. Disaster Recovery Planning: Creating and testing plans for recovering from major incidents or disasters. Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level Experience and understanding of both the roles and interlock between enterprise & solution architecture Experience in both operational and transformation cybersecurity roles or a clear working understanding of both perspectives Experience working in large-scale IT transformation programmes Ability to manage separation of control from technical design authority responsibilities - represent Cyber Services at technical and security design authorities to ensure that solutions are secure. Experience ensuring compliance with security controls to identify control gaps, develop remediation plans and determine residual risk across both local and national programmes. Platform & Technology Working experience with CheckPoint, Illumio, and/or Fortinet or similar related firewall technology. BizzDesign, Archi, or generic UML visualisation experience for high-level designs. High proficiency and expertise in Jira for project & tasks management. Working proficiency in Confluence for documentation Architecture & Design Provide assurance, support and oversight of solutions designs and support the engineering teams in delivering and executing strategic technology deployments. Ensure solution designs align to published reference architecture. Provide technical expertise & consultation to transformative programmes of work within their security domain. Influence HSBC’s business and technology executives to help them align their initiatives with standardised offerings whilst also engaging with them to understand their business requirements, threats and risks. Clear understanding of both the motivations of the business and technical security. Governance Willingness and ability to present reference architecture to design authorities and articulate deep technical concepts to a broad range of stakeholders in both large forums and smaller deep-dive sessions. Ensures all reference architecture, high-level designs, architecture patterns, decision records, deviation requests, and technical risks or issue records undergo architectural and project governance processes. Ensure all architecture artefacts undergo appropriate peer review prior to design authority presentation. Present publications at technical design authorities for input, feedback, and approval Risk and Dependency Management Effectively manages and escalates both technical and project risks or issues. Articulates solutions and remediation steps to technical risks & issues. Ability to map design decisions to resultant technical risks & issues to articulate the cause and rationale which leads to any negatively impacting change. Leadership & Teamwork Lead others and create an environment that supports and inspires people to develop and deliver. Built effective networks both internally and externally and created opportunities for others to work collaboratively. Make strategic business decisions, considering relevant risks, long term implications, commercial realities and stakeholders needs. Contract will be inside IR35. Role will be hybrid, 3 days per week in the client office, any of Edinburgh/Sheffield/Birmingham/Manchester.