Network Security Architect - EN03 Engineer E3

You will provide direction and solutions to product owners and delivery teams working on a variety of solutions for both colleagues and members. This will include developing solution intents and designs, threat models, and architectural guardrails.

This opportunity is within the Security Architecture team, and part of Security and Resilience. The team has a challenging mandate to architect, engineer, and assure the delivery and consumption of effective and pragmatic security controls as an enabler for innovative solutions across our hybrid on-premises and cloud IT environments. We want your expertise within Nationwide to strengthen our reputation for reliability and trustworthiness.

We are open to flexible working arrangements to support your performance. Nationwide offers hybrid working, combining office presence with home working, to foster collaboration and connection across our UK-wide estate.

For this role, you will spend at least two days per week, or if part-time, 40% of your working time, based at our Swindon or London office. Further details will be provided by your hiring manager. More about our hybrid approach can be found here.

Due to high application volumes, we may close the advert early. Please apply promptly.

A Network Security Architect at Nationwide experiences a dynamic environment. Working with technology delivery teams, you will identify and document key actors and architectural threats, clarify security policies, standards, and regulatory requirements, and communicate these in simple, actionable terms.

You will collaborate with Security and Resilience colleagues and Networking teams to identify solutions that deliver essential security controls, mitigate threats within risk appetite, and ensure compliance with security policies, standards, and regulations.

You will manage the technology controls framework, maintaining a roadmap for maturity, coverage, and effectiveness. Producing practical, coherent advice and knowledge artifacts to guide architecture and engineering teams is vital to our success.

The team fulfills various roles, providing opportunities to leverage and develop your skills in building critical applications, backend systems, and future initiatives, including creating architecture patterns and enhancing our practices and services.

You should demonstrate significant experience or aptitude in areas such as:

• Identity and Access management (e.g., MFA, SAML, Kerberos)
• Networking protocols and security (e.g., IPv4/IPv6, VPN, TLS, DNS Security)
• Automation and scripting (e.g., API, Ansible, Terraform, Bash, PowerShell)
• Security architectures (Zero Trust, micro segmentation, NGFW, WAF, DLP)
• Cloud security (SaaS, SASE, DDoS mitigation)

Additionally, you should have a general understanding of enterprise security threats and controls, experience with threat evaluation and documenting solutions, familiarity with security policies and standards, and knowledge of regulatory requirements like PCI-DSS and GDPR. Professional security qualifications such as CISSP or ISSAP are highly valued.

Our customer-first behaviors are central to our culture. These include:

• Feeling what customers feel
• Saying it straight
• Push for better
• Get it done

Showcasing these behaviors in your application can strengthen your candidacy.

Benefits include a pension with employer contributions, paid volunteering days, life assurance, health and wellness options, performance bonuses, development opportunities, and 25 days holiday (pro-rata).

As a mutual owned by our members, we prioritize their needs over profit, challenging the financial sector status quo and sharing profits with our members.

If you are inspired by fairer finances, making a meaningful impact, and caring about our customers, you are one of us.

If interested, click 'Apply Now' to submit your CV and answer a few questions. We will contact all applicants after the closing date with the outcome.