Job Specifications
Dev/Null Security are actively seeking a Security Solution Designer to manage end-to-end solution design and be responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, you will be required to publish new architecture patterns, key decisions, design deviations, and technical risks and issues where appropriate.
You should be comfortable presenting and sharing solutions at design authorities and senior leadership and stakeholders. Additionally, the Security Solution Designer will provide technical thought leadership and direction to their aligned projects and may stand in as subject matter experts and consultants related programmes.
Principal Requirements
Cybersecurity Expertise:
Significant experience and proven technical depth within the following domains network security, network segmentation, network access control.
Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level.
Experience working in large-scale IT transformation programmes.
Excellent documentation skills justifying and explaining security design decisions against threats/mitigation/risk appetite and cost within the solution design document.
Significant experience and proven technical depth within network security, including:
Traditional Data Centre technologies, network segmentation with physical and virtual firewalls and other technologies used in network segmentation, like MPLS/eVPN.
Software Defined Networking and segmentation within private cloud environments.
Segmentation within Public cloud environments.
Segmentation within containerized environments.
Macro- and micro-segmentation.
Experience in the followings:
Security assessment and threat modelling as an input to security design.
Understanding and interpreting regulatory requirements.
Qualifications & Certifications:
Bachelors or master’s degree in cybersecurity, computer science, software engineering, or related field.
CISSP/CISM certification or other broad cybersecurity industry-recognised certificate.
Networking and Infrastructure related industry-recognised certificate(s).
Platform & Technology:
BizzDesign, Archi, or generic UML visualisation experience for high-level designs.
Working proficiency in Jira for project & tasks management.
Working proficiency in Confluence for documentation.
Principal Accountabilities and Responsibilities
Architecture & Design:
Collaborate extensively and align directly with Security Architecture colleagues and produce high quality detailed artefacts.
Produce, manage, and update end-to-end solution designs in line with reference architecture & business requirements.
Articulate and publish key design decision records and options to ensure all solutions follow a logical, transparent decision-making process.
Articulate, publish, and ensure approval of any design deviations resulting in technical debt.
Ensure any technical risks or issues arising from a solution design are recorded and mitigated.
Produces, manages and translates the requirements into the architecture for that solution, ensuring technology and services meet the customer needs and expected business outcomes.
Ensures the design of the solutions are efficient, timely and cost effective throughout the project lifecycle.
Clear understanding of both the motivations of the business and technical security.
Promote strong documentation and clerkship.
Conduct multi-layered assessments to identify segmentation opportunities and control gaps at network, platform, and application level.
Document solution designs in line with regulatory expectations (e.g. DORA), ensuring traceability from policy to control execution, and evidencing control effectiveness.
Support implementation of the Network Segmentation Target Operating Model, including the definition and improvement of supporting processes related to the Architecture Control.
Engaging with platform and application owners to:
Update or create architectural design documents.
Align patterns and standards with actual implementations.
Embed controls into product roadmaps.
Support teams beyond security, acting as a reference point across engineering, architecture, and service operations to ensure cohesive design and implementation.
Contributing to security governance and assurance by embedding traceable, repeatable, and documented design decisions and other architectural artefacts into the solution delivery lifecycles.
Governance:
Ensures all high-level designs, architecture patterns, decision records, deviation requests, and technical risks or issue records undergo architectural and project governance processes.
Ensure all architecture artefacts undergo appropriate peer review prior to design autho
About the Company
We are a cyber security consultancy that specialises in security solution architecture, engineering, implementation and operational support.
We bring decades of experience defending the highest value, hardest targeted assets and systems against the world’s most advanced threats.
We provide top tier consulting teams who add quality and value every step of the way.
Our services include:
- Strategy + Advisory
- Consulting + Managed Services
- Privileged Access Management
Contact us: hello@devnullsecurity.co.uk
Know more