Skip to main content Skip to job search

Senior Enterprise Architect - Identity & Access Security

Senior Enterprise Architect - Identity & Access Security

  • Location: Swindon, London, Countrywide
  • Salary: £54,231 - £88,126
  • Contract Type: Permanent
  • Ref: R001900874
  • Closing Date: 31 October 2019

Job description

We need:

• X1 Senior Security Architect - Identity and Access Management in our head offices in Swindon or London 
• 35 Hours a week on a permanent contract
• Car allowance

Nationwide employs a mix of bespoke-developed and commercial off the shelf solutions to deliver its ‘core systems’ capability, but the landscape has evolved organically, and needs to be simplified and standardised to support business growth and service efficiency, and to reduce technical debt.

With the recently announced £4.1bn investment in IT and change over five years, we are moving at pace to consolidate and transform our IT estate, introduce cloud solutions, and simplify our infrastructure topology to a set of best-of-breed, industry leading strategic capabilities, to realise the benefits of a simplified and reusable IT estate. In adopting industry standards and best practices, this will increase product launch agility, operational resilience and provide rich configurable functionality and services, to enable our member propositions.

Enterprise Security Architecture is at the core of Nationwide’s existence. We are engaged with the business domain leaders in redefining and maturing the enterprise security architecture vision for our commercial proposition, products and customer engagement to embrace 21st century challenges and opportunities of digital technologies, shifting demographics and changing threat landscape. The right individual will be able to make a real difference to the enterprise security architecture strategy, technology strategy and roadmap for this key enterprise architecture domain.

We need someone with the ability to influence, communicate, and lead the development of the vision, roadmaps and transition states, and to provide assurance of our architecture in this domain.

Who we're looking for

As a minimum requirement:

You will have experience in enterprise security architecture and technology in a Tier 1 financial services organisation, including one or more of the following:

• Strong knowledge of Enterprise Cyber Security Architecture policies, standards principles, controls and frameworks
• Strong knowledge and experience implementing and maintaining main stream cyber security solutions across the cyber security landscape from a variety of vendors.
• Strong knowledge of architecting security controls within enterprise architecture domains
• IAM solution design, with the ability to generate high quality deliverables - requirements definitions, high level and detailed designs, system maps and deployment plans etc
• Delivery of IAM solutions and services and developing effective SLA's and KPI's in relation to IAM service offering
• Experienced in identity services and standards like Active Directory, Azure Active Directory, SAML, OpenID, Oauth, etc.
• Strong experience in application movement to SSO and IAM platforms, in particular complex enterprise applications.
• Strong practical understanding of SSO and IAM key concepts and best practice.
• Strong practical understanding of IAM key concepts including user entitlement reviews/attestation and access request best practice.
• Good level of technical understanding of API, RBAC and AAA.
• Strong knowledge of User Access Management - IAM/PAM
• Experience of re-certification processes and access management reviews
• Experience providing leadership and mentoring to team of solution architects

Other essential experience pertinent to the role:

• Experience architecting IAM solutions within Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud providers.
• Intimately familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth.
• Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
• Federation concepts and technologies particularly with solutions from ADFS, Ping Identity and exposure to AWS Web Identity Federation – Cognito.
• Strong knowledge of Directories, SSO, Federation, Delegated administration, API gateways, SOA services.
• Strong knowledge of cloud computing architecture, technical design and implementations, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) delivery models.
• Drive the adoption of AAA reference architectures for existing, new and emerging IAM technologies.
• Providing thought leadership and defining and shaping strategies.
• Developing and implementing enterprise security architecture controls across the NIST functions of Identify, Protect, Detect, Respond and Recover.
• Developing and implementing technology strategies, roadmaps and best practices.
• Excellent verbal and written communication with a proven track record of stakeholder engagement and influencing both business and technical stakeholders.
• Strong knowledge of security architecture frameworks, standards and best practices (CSA/CIAQ, CCM, NIST, TOGAF or Zachman).

What you'll be doing

You will be working in a multi-disciplinary high-performance team, developing the vision, roadmaps and transition states to move from the current to the target architecture for enterprise architecture domains supporting and delivering Nationwide’s business products. You will be engaging with a wide variety of stakeholders, vendors and partners, in addition to key programmes and projects to provide oversight, direction and expertise, and to maintain alignment with the target architecture.

The extras you'll get

If you put a lot in, it’s only fair you should get a lot out. So, if you help us do the right thing for our customers, we’ll help further your career at Nationwide. As well as your salary, there’s life assurance, a pension and a recognition and rewards scheme. We think it’s a great place to work, and we’re not afraid of giving you praise when you’ve done well.


Work with PRIDE

Princes Responsible Business Network
Stonewall Diversity Champion
Business Disability Forum Member
Woman Engaged

Why work for us?

At Nationwide, we’re here for our members and we put their needs first in everything we do. And now, more than ever, two things are helping us go from strength to strength: we put our customers first, and we’re known for being open, honest and trustworthy.

We’re also the world’s largest building society, with communities at the heart of everything we do. We aim to do the right thing for our members which helps set us apart from our competitors. But we need good people to help us do it. People who understand what we believe in and have the talent and drive to keep us successful.

At Nationwide we have a strong ethic of care, and a genuine concern for each other and our members. We recognise that our employees feel most appreciated when their thoughts and values are respected and considered. We are committed to creating a culture that recognises and truly values our individual differences and identities. If you’d like to be a part of an inclusive workplace where you can be yourself, where your talents are nurtured, and you feel empowered to contribute then please apply and help us in building society, nationwide.