X1 Senior Enterprise Network Security Architect in our head offices in Swindon
35 Hours a week on a permanent contract
Send in your application by22nd February 2019
Nationwide employs a mix of bespoke-developed and commercial off the shelf solutions to deliver its 'core systems' capability, but the landscape has evolved organically, and needs to be simplified and standardised to support business growth and service efficiency, and to reduce technical debt.
With the recently announced £4.1bn investment in IT and change over five years, we are moving at pace to consolidate and transform our IT estate, introduce Network solutions, and simplify our infrastructure topology to a set of best-of-breed, industry leading strategic capabilities, to realise the benefits of a simplified and reusable IT estate. In adopting industry standards and best practices, this will increase product launch agility, operational resilience and provide rich configurable functionality and services, to enable our member propositions.
Enterprise Security Architecture is at the core of Nationwide's existence. We are engaged with the business domain leaders in redefining and maturing the enterprise security architecture vision for our commercial proposition, products and customer engagement to embrace 21 st century challenges and opportunities of digital technologies, shifting de...
Before you apply, we encourage you to learn more about Nationwide Building Society
Be unique. Be authentic. However you prefer to say it, we really mean it. Our culture
embraces people’s diverse perspectives and creates a positive environment where everyone
belongs. We’re determined to build a better, more connected world for everyone.
Articles you might like
Inclusion Matters at Nationwide
The final frontier, from women in space to the workplace!
Unless you’ve been living in outer space, chances are the recent NASA and the Chinese...
Enterprise Security Architecture is at the core of Nationwide's existence. We are engaged with the business domain leaders in redefining and maturing the enterprise security architecture vision for our commercial proposition, products and customer engagement to embrace 21 st century challenges and opportunities of digital technologies, shifting demographics and changing threat landscape. The right individual will be able to make a real difference to the enterprise security architecture strategy, technology strategy and roadmap for this key enterprise architecture domain.
Who we're looking for
We need someone with the ability to influence, communicate, and lead the development of the vision, roadmaps and transition states, and to provide assurance of our architecture in this domain.
As a minimum requirement:
You will have experience in enterprise security architecture and technology in a Tier 1 financial services organisation, including one or more of the following:
Strong knowledge of Enterprise Network Security Architecture principles
Strong knowledge of architecting defence in depth security controls for Networks and implementing multi-layered defence systems
Strong technology experience architecting and advising on large scale, highly available systems handling high volume traffic/transactions per day with low latency.
Advanced knowledge of designing and implementing network based behaviour security controls
Strong understanding of public cloud architectures, technology, and deployments (for the top cloud vendors).
Proven expertise in designing, implementing, and supporting secure large enterprise networks, working with customers to filter the technical requirements from business requirements.
Ability to work cross functionally across other technical functions within a customer engagement to collaboratively build cohesive solutions, proactively identify and resolve issues independently.
In-depth knowledge of routing, switching, wireless and network security.
Knowledge of TCP, IPv4 and IPv6, and common protocol operations.
Extensive experience with Layer 2 - Layer 7 protocols
Experience or knowledge of any of the following technologies:
Virtual Networks, Security Centre, Azure AD Multi-Factor Authentication (or similar for other vendors), SecureDNS, Privileged Identity and Access Management.
Deep experience in MPLS, MP-BGP, OSPF, RSVP, VRF's, IPSec, L3VPN, L2VPN, VLAN's, VXLAN's, SDN, NFV, Micro-Segmentation, Wireless, Datacentre networking.
Experience of DDoS, DoS mitigation, NGFW, IPS/IDS, Reverse Proxy, Forward Proxy, WAF, CDN and understanding the security behind them.
Experience in creating LLD's and HLD's
Strong experience with Application Delivery Controllers & Load Balancing algorithms and implementations (F5 LTM, F5 GTM, round-robin, least conns, Global load balancing)
Engage with leading IT suppliers/vendors as well as candidates for next generation solutions.
Advanced knowledge of TCP/IP, Network Security principles and Network Security Architecture Design.
Experience working in a digital transformation focussed environment being able to talk through projects undertaken.
Play a lead role in reviewing and updating Disaster Recovery solution considering key compliance guidelines such as GDPR & PCI DSS.
Experience in developing audit and network monitoring strategy.
What you'll be doing
Other essential experience alongside product domains:
Prioritising and responding to business and technology strategies and priorities
Developing and implementing technology roadmaps
Excellent verbal and written communication with a proven track record of stakeholder engagement and influencing both business and technical stakeholders
Strong knowledge of security architecture frameworks, standards and best practices (CSA/CIAQ, CCM, NIST, TOGAF or Zachman)
Strong knowledge of defining strategies, standards and best practices
It would be nice if you also had:
Ability to determine business and technical requirements and establish the appropriate Network Security control designs as necessary.
Practical experience reviewing Enterprise Architecture designs and enhancing security solutions against company standards and industry best practice.
An understanding of cloud architectures and service types (PaaS, SaaS, IaaS) and their network implications.
A CCNP-Security or CCIE-Security qualification.
You will be working in a multi-disciplinary high-performance team, developing the vision, roadmaps and transition states to move from the current to the target architecture for enterprise architecture domains supporting and delivering Nationwide's business products. You will be engaging with a wide variety of stakeholders, vendors and partners, in addition to key programmes and projects to provide oversight, direction and expertise, and to maintain alignment with the target architecture.