Our vision is to leverage the incredible potential of technology to build vehicles that not only offer a premium, all-encompassing digital experience, but that also make our customers lives better.
We are looking for someone who will help us realise our business vision for a resilient IoT platform that will provide our customers, suppliers and partners with seamless connected services delivered through an industry-leading global platform that will generate new income streams for our business and help drive down costs through the use of data analytics.
Our Security Architects work closely with stakeholders to define and evolve system security architectures that are secure by design. You will be a valued member of our Offboard Cyber Security Chapter reporting in to Offboard Security Architecture Chapter Lead, contributing to the strategic direction of the technology and solutions delivered.
As a Security Architect, you will work in conjunction with solution architects, product owners, technical leads and embedded security champions to identify the security risks associated with our products using application security threat modelling. You will collaborate with stakeholders to identify secure architectures, best practices and requirements that enable us to deploy secure systems at scale. You will support our engineering teams through their security assurance journeys working to identify security assurance testing regimes that are aligned with our products.
WHAT TO EXPECT
This role sits within the Offboard Cyber Security Chapter in Manchester and would suit those who are technically minded; be that from a cyber security background or those with a software engineering background. This is a mid-level role in our team and as such there is scope to develop your skills, and would suite someone with a strong technical background wanting to move into security architecture.
We work with new and exciting technologies to provide global services for the connected car of the future. We work collaboratively and value each other’s opinions, as part of the team here you will have the opportunity to impact and influence a technology platform used by hundreds of thousands of our customers daily, solving difficult engineering challenges on a global scale.
We are reimagining how we deliver secure global solutions in a highly agile environment. We have a strong focus on DevSecOps and empowering engineering teams to deliver and deploy large, secure systems at pace.
Some of our Security Architect’s responsibilities include:
- Providing consultation to product teams in security architecture and design, and conduct security reviews of new and existing products and services
- Working with engineering teams to create threat models
- Continual collaboration with stakeholders with a view to being a key part of the product delivery teams’ success
- Maintaining strong knowledge of current security threats, mitigations and operational security best practices
- Supporting the analysis of business requirements and their interpretation into security deliverables
WHAT YOU’LL NEED
You will be working closely with our engineering teams to help them uncover threats in their solutions, so a strong technical background is required. Knowledge of cyber security best practices and a good understanding of security threats and controls is also a must. This role is highly collaborative so would suite someone with a desire to work collaboratively across the wider engineering team.
We are looking for a self-starter, keen to work in a highly collaborative manner supporting our engineers and product teams as we deliver a connected data platform for the luxury vehicles of the future.
- A background in software engineering or cyber security, with knowledge of DevSecOps
- Familiarity of application security and threat modelling
- Experience implementing SDLC process, technology, and automation in a DevOps environment; ideally making use of OWASP best practice
- Experience within agile delivery frameworks
- Experience with large-scale web applications and backend services, including API design, access management, authorization, authentication, data protection and encryption
- Familiarity with of common application and infrastructure security vulnerabilities and mitigations
- Solid technical foundation with a business-savvy mindset and an ability to translate technical vulnerabilities into business risks for senior leadership
- An individual with a customer first mindset who is easy to do business with and makes people feel special, driven to deliver experiences that are personalised, transparent and dependable
- An individual, who works independently, is results driven, demonstrating tenacity, drive and perseverance with the ability to deliver operational plans in a complex, highly demanding environment.
- A passion for continuous technical improvement
- An individual with the capability to combine a short term, pragmatic focus with medium term planning
- A resilient and enthusiastic who responds constructively to new ideas and inputs
- A good communicator with the ability to clearly communicate complex ideas
- An effective team player, actively develops and supports team members
- The ability to challenge existing thinking in a positive way whilst building credibility and trust through experience and personal style