Security Architect

When you join Kainos, you get to think beyond limitations to make an immediate and positive impact – like transforming digital services for millions of citizens or helping Fortune 500 companies get live and thrive on Workday.

You’ll be part of a people-first culture that is growing around the world. We’re a creative, committed, and diverse group of individuals who succeed as a team.

At Kainos your ideas are heard and valued and you’ll leave a legacy that you can feel proud of.  Join us and discover how our people write our story.

MAIN PURPOSE OF THE ROLE & RESPONSIBILITIES IN THE BUSINESS:
As a Security Architect (Consultant) in Kainos, you’ll be responsible for the design and application of good security practices in the platforms and services we build for our customers. You’ll work with Agile delivery teams to develop good security practices throughout the software development journey. You’ll learn about and apply new technologies and approaches, with talented colleagues who will help you develop and grow. 

You’ll share knowledge and help educate people – both customers and Kainos team members.  You’ll manage, coach and develop a small number of staff, with a focus on managing employee performance and assisting in their career development. You’ll also provide direction and leadership for your team as you solve challenging problems together.

MINIMUM (ESSENTIAL) REQUIREMENTS
• Experience in the secure design and delivery of new cloud services and solutions. 
• Experience in identifying security issues in existing system designs or products, including recommending sensible mitigations that balance cost, risk and usability. 
• Knowledge of security standards and regulations (e.g. NCSC, ISO, SoC, NIST, PCI, GDPR).
• Experience in application architecture, software development and/or infrastructure architecture. 
• Experience testing the security of software and infrastructure using appropriate security tools.
• Experience with Continuous Security, Continuous Integration and Continuous Delivery techniques.
• Experience of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls (e.g. PKI, TLS).
• We are passionate about developing people – a demonstrated ability in managing, mentoring and coaching members of your team and wider community is important
• Excellent communication skills, with the ability to convey security complexities to audiences of various technical abilities (e.g. senior stakeholders, development teams).

DESIRABLE
• Experience of Identity management and authentication/authorisation products and patterns. 
• End-to-end security involvement, including governance, risk and compliance, operational security, supply chain security and secure user management.
• Penetration testing qualifications (e.g. OSCP, CREST, TIGER or equivalent)
• Experience leading security engineers and other junior members of staff