Title:

SECURITY ARCHITECT

OVERVIEW

The Programme and Project Partners (PPP) model was mobilised in 2019 with the purpose of transforming major project delivery at the Sellafield nuclear site.

The partnership brings together KBR, Jacobs, Morgan Sindall Infrastructure, Altrad Babcock and Sellafield Ltd to deliver a 20-year pipeline of major infrastructure projects to support the decommissioning of Sellafield and to create a clean and safe environment for future generations.

In delivering its pipeline of large-scale infrastructure projects, PPP is creating opportunities for its people, supply chain, economy and communities.

KBR’s rapidly growing nuclear team of teams is working at the forefront of the UK’s nuclear space on some of the most exciting new-build, defence and decommissioning programmes.

KBR was recently named a “Great Place to Work-Certified” company in 2023, an honour that underscores the company’s commitment to being a UK employer of choice for people who want to do work that matters.

SECURITY ARCHITECT

Reports to: Head of IT / ITSO

Location: Warrington / Cumbria, 2 / 3 days per week on site with travel to opposite site potentially once per month

Qualifications, Experience and Skills

Qualifications:

Essential: 

• Bachelor’s Degree in Computer Science or equivalent profession and proven experience of expertise in the area

Desirable: 

• MS Azure certifications and professional qualifications

• Cisco accreditations

• Qualification or membership of a professional body in Information Security.

• Experience of Cyber Security Standards.

Experience and Skills:

• Experience of assuring the security architecture of hybrid cloud environments using MS Azure and Wintel based platforms

• Security assurance of SIEM, SOC and IDAM services within heavily regulated and “secure by design” environments

Essential:

• Excellent communication and organisation leadership abilities

• Expertise in security measures such as firewalls, intrusion detection, and prevention systems, network access controls, and network segmentation

• You must be experienced with key operating systems primarily Windows

• Network security architecture and its development are both important to understand

• Wireless security, such as routers, switches, and VLAN security

• DNS security principles such as routing, authentication, VPN and proxy services

• An understanding of ISO 27001/27002, COBIT, and ITIL frameworks are required

• Assurance of proposals and designs for integrating hybrid cloud platforms, tools and systems into SIEM, SOC and IDAM services including MS Sentinel

• Third party auditing skills and cloud risk assessment methodologies

Desirable:

• Knowledge or experience of MS SQL Server, Oracle RDBMS and VDI/Thin client presentation services

• BYOTD, data classification, data certification, PKI and making systems securely available to trusted third party organisations

• Integration of public SaaS with MS Azure IaaS/PaaS and an overarching security architecture

• MS Azure “Landing Zones”

Core Responsibilities and Duties

General:

The Security Architect supports the creation of designs for security solutions that will underpin tools and systems platformed on a hybrid cloud and subsequently plans, implements and reviews the security assurance activities enabling deployment and use of the resulting systems.

To undertake this work, the Security Architect will undertake:

• Identify loopholes or weaknesses in a system that can put the organisation in jeopardy

• Support planning, investigation and build of reliable, powerful and flexible security architectures for all IT initiatives

• Perform or oversee penetration tests, vulnerability testing, including risk analysis and security assessments on the complete infrastructure

• Investigate the latest security standards, recent security systems and renewed authentication protocols

• Ensure proposed solutions can support the necessary corporate security policies and procedures including those associated with service delivery, management and operations such as those within ITIL4

• Ensure proposed solutions comply with any associated standards and that third party system elements can be assured to confirm their continued compliance

• Identify, test and ensure any integration within or out-with the organisations satisfies security requirements

• Ensure proposed and delivered solutions integrate with SIEM, SOC and IDAM and support the System Integrators and Vendors

• Support development of response plans in the event of any security related issues such as breaches, viruses, phishing scams and support the development of a thorough post event study once the situation has been resolved

#LI-JI1 #LI-HYBRID