If you need support in completing the application or if you require a different format of this document, please get in touch with at UKI.recruitment@tcs.com or call TCS London Office number 02031552100 / +44 204 520 2575 with the subject line: “Application Support Request”.
Role: Lead Security Architect (OT) network
Job Type: Permanent
Location: Leamington / Gaydon
Mode of Working: (Hybrid-3 days WFO)
Are you ready to leverage your skills in security architecture?
Join us as a Lead Security Architect (OT) network!
Careers at TCS: It means more
TCS is a purpose-led transformation company, built on belief. We do not just help businesses to transform through technology. We support them in making a meaningful difference to the people and communities they serve - our clients include some of the biggest brands in the UK and worldwide. For you, it means more to make an impact that matters, through challenging projects which demand ambitious innovation and thought leadership.
* Build strong relationships with a diverse range of stakeholders.
* Gain access to endless learning opportunities.
* Work closely with the range of teams within the business to bring products to life.
The Role:
As a Lead Security Architect (OT) network, you will define and implement the Security Architecture strategy for Networks, working closely with the Networks team and the wider IT team and Business stakeholders. Your will be an expert in Network Security Architecture, with particular emphasis on assessing threat landscapes, performing risk and impact assessment, defining security network zones, and applying security tools and controls and manage any residual risk. This will be done both at a programme and individual project level.
Your responsibilities:
* Assist in the creation and execution of the global information security architecture roadmap for the Company using a pragmatic “hands on” approach.
* Work with other Security Architects across IT, and Business Function Architects to deliver secure networks across the client’s estate.
* Define high-level target network security architecture offering the best solution for risk mitigation, performance, economics and customer experience.
* Formalise Secure Network segmentation and Zoning architectures to support Zero Trust security models.
* Provide quality security design patterns or blueprints to contribute to the client’s Architecture framework.
* Develop baseline security standards for defined Zones incorporating information security principles and requirements that govern how to adequately protect access between network zones.
* Develop Security policy and governance for Policy as a service for future Software Defined Networks.
* Work closely with the Networks team to embed security into existing networks.
* Work with the Network Architects on next gen designs for both the corporate and OT networks.
* Advice the Networks Team on decommissioning sequence and methods.
* Provide local SME support for security policies, standards and procedures relating to Networks.
* Advise the Networks Team on relevant service models and support.
* Support risk and audit items as appropriate.
* Drive liaison with the wider IT Architecture community to ensure that information security principles are progressively embedded in day-to-day networking operations.
* Develop service model architectures ensuring service input and outputs are recorded, gaps become known.
* Recommend process and governance improvements.
* Promote and support the embedding of security best practice in network architecture development processes to improve standardization.
* Track developments, changes and threat environments in the digital business to ensure they are adequately addressed in security strategy plans and architecture artifacts.
* Monitor trends in information security and incorporate them into Security Architecture Strategy.
* Work closely with external vendors to bring new ideas and technologies into the business.
* Provide guidance on architecture security requirements in product selections and RFP.
* Liaise with the Procurement team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data.
* Conduct or facilitate threat modelling of network services and applications that are tied to risk, data and industry drivers associated with the service or application.
* Establish and deliver methods and tools which provide value for the organization by reducing risk.
Your Profile
Essential skills:
* Proven history of working in Network Security Architecture.
* Deep technical understanding of Enterprise Network Architecture, in both corporate and OT domains.
* Demonstrable evidence of contributing security subject matter expertise, including in WAN, LAN and Cloud environments.
* Excellent written and verbal communication skills.
* Ability to translate technical language into clear, accurate terminology understandable for the wider audience.
* Knowledge of market issues and dynamics.
* Strong program management, partnering and consulting skills.
* A team player with ability to work in a cross-functional environment and influence positively for Information Security.
* Formal training and familiarity with industry standard methods, tools and processes to support a Security Architecture function, such as SABSA, TOGAF etc.
* Previous experience with embedding security principles.
* Familiar with network security techniques and technologies such as Remote Access, VPN, Firewalls, NAC, DLP, IDS/IPS, SIEM and Wireless security.
* Knowledge of information security principles and best practices.
* Experience in managing information security risk.
* Familiar with information security frameworks such as NIST, SANS Top 20 CSC, OWASP, ISO27001, and CyberEssentials.
* Proven working knowledge of industry IT compliance standards, particularly in design and implementation.
* Understanding of Operational Technology and the challenges involved in securing access.
Desirable Skills :
* IT security certifications such as CISSP.
* Knowledge of market issues and dynamics within the UK.
* Relevant degree or equivalent experience.
* Network certification such as CCIE/CCNP.
* Network security certification such as CCSA, PCNSE, JNCIS, NSE7, CEH.
* Experience in manufacturing Industries.
* OT or GIAC certification or experience in OT network hardening, including relevant aspects of ISO 62433.
* Experience in IoT technologies.
* Familiarity with governance and delivery frameworks including COBITv5, and ITIL.
Rewards & Benefits
TCS is consistently voted a Top Employer in the UK and globally. Our competitive salary packages feature pension, health care, life assurance, laptop, phone, access to extensive training resources and discounts within the larger Tata network.
We offer health & wellness initiatives and sports events; we are the proud sponsor of the London Marathon.
Diversity, Inclusion and Wellbeing
Tata Consultancy Services UK&I is committed to meeting the accessibility needs of all individuals in accordance with the UK Equality Act 2010 and the UK Human Rights Act 1998.
We welcome and embrace diversity in race, nationality, ethnicity, disability, neurodiversity, gender identity, age, physical ability, gender reassignment, sexual orientation. We are a disability inclusive employer and encourage disabled people to apply for this role.
As a Disability Confident Employer, we offer an interview to applicants with disabilities or long-term conditions who meet the minimum criteria for the role. Please email us at UKI.recruitment@tcs.com if you would like to opt in.
If you are an applicant who needs any adjustments to the application process or interview, please contact us at UKI.recruitment@tcs.com with the subject line: “Adjustment Request” or call TCS London Office 02031552100 / +44 204 520 2575 to request an adjustment. We welcome requests prior to you completing the application and at any stage of the recruitment process.
Next Steps:
Application Process:
1. Online application: You can apply directly through LinkedIn/ by uploading your CV. In case you wish to submit your application via another format like audio/video, please, contact - UKI.recruitment@tcs.com
2. Skill-Based discussion: This will be a level 1 interview with the project team. It will be a Video discussion.
3. Managerial discussion: This discussion will focus on behavioral aspects and person-organization fit.
4. HR Discussion : This will be with one of the members of the HR team and will cover your career journey, aspirations for growth, compensation and any other questions you may have.
Beware of Fraudulent offers
This is to notify you that TCS does not ask for any sort of payment or security deposit from candidates at any stage of the recruitment process. The firm never sends out job offers from free internet email services like Gmail, Yahoo Mail, and so on. TCS has not authorised any third-party company to collect money on their behalf. As a vigilant job seeker, beware of fraudulent recruitment activity and protect your interests! You can write to UKI.recruitment@tcs.com to report any fraudulent activity.
Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion.
Join us and do more of what matters. Apply online now.