Gateways and Guards Architect

At Thales we know technology has the ability to make our world more secure sustainable and inclusive and that its all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge whats possible.

From manufacturing and engineering to cybersecurity and space were driving progress in some of the worlds most important industries and working together to build a future we can all trust.

Our Thales Cyber Services team provides secure Communication solutions information systems and cybersecurity services to support the work of defence and government clients. Our systems are designed to protect sensitive information from cyber threats ensuring its security and integrity in critical environments.

YOUR ROLE

Working in our offices on Wurundjeri Woi-wurrung Country (Melbourne) or Ngunnawal/Ngambri Country (Canberra) you will work within a project delivery team under the direction of the Project Design Authority and perform across both across secure enterprise and deployed environments as follows:

• Elicit analyse and formalise Guard and Gateway requirements with stakeholders ensuring clarity traceability and alignment with FMN and ISM control objectives.

• Design Guard and Gateway configurations and design patterns aligned with FMN ISM and Defence information exchange requirements.

• Support the creation of Guard and Gateway configuration artefacts design documentation and pattern libraries for secure enterprise and deployed environments.

• Maintain requirements traceability and contribute to the development of ISM assessment and authorisation evidence packs supporting accreditation pathways.

• Implement prototype Guard and Gateway configurations for design validation functional testing and pattern verification.

• Contribute to Data-Centric Security (DCS) policy definition aligned with STANAG 4774/4778 and ACP 240 metadata protection and content-handling requirements.

• Support CDR threat-protection testing including content sanitisation assessment for mission-edge and cross-domain flows.

• Work collaboratively with senior Guard specialists architects and engineers to ensure design quality security and compliance.

YOUR EXPERIENCE:

On day one in this role well expect you to bring the following skills experience and behaviours:

• Strong expertise in Google Distributed Cloud networking and hybrid cloud interconnect architectures.

• Deep understanding of Zero-Trust Networking principles and Kubernetes CNI design including GKE-on-GDC patterns.

• Proficiency integrating COTS firewalls (e.g. Palo Alto Fortinet) into private cloud and GDC environments.

• Experience designing or contributing to Defence-ready Guard and Gateway architectures incorporating FMN ISM and ISM assessment and authorisation control expectations.

• Knowledge of Data-Centric Security (DCS) aligned to STANAG 4774/4778 and ACP 240 including metadata-labelling content release constraints and sanitisation policies.

• Understanding of CDR technologies as threat-protection mechanisms and their application at mission-edge and cross-domain enforcement points.

• Experience contributing to requirements analysis design artefacts and ISM assessment and authorisation documentation for secure system delivery.

• Works effectively under general direction escalating appropriately while demonstrating initiative.

• Collaborates respectfully and constructively with architects engineers testers and stakeholders.

• Applies structured detail-oriented thinking to technical problem-solving.

• Maintains a strong focus on security compliance and risk management in all work products.

• Communicates clearlyboth verbally and in writingwhen engaging stakeholders or producing design artefacts.

• Demonstrates professional integrity and contributes positively to a team-based engineering and accreditation culture.

AUSTRALIAN DEFENCE ROLES & SECURITY

A Defence security clearance is required for this role; applicants must be Australian citizens and eligible to obtain and maintain an appropriate clearance. An NV1 clearance is preferable.

Additional information with regards to clearances is available from the Australian Government Security Vetting Agency website In some cases individuals who hold a current clearance from a foreign government may be eligible to have this clearance recognised by the Australian Government and be eligible for this role. The Australian Defence Trade Controls Act (DTCA) is applicable and as such your nationality may be a factor in determining your suitability for this role.

Its easy to dismiss the perfect opportunity if you dont see yourself as the perfect fit. If this role feels right no matter your background or personal circumstances please introduce yourself or join our community. Were committed to supporting a diverse workplace and that starts here.

Were proud to be endorsed by WORK180 as an Employer for All Women but we know theres always more we can do. Well continue to foster industry partnerships employee resource groups (ERGs) and development opportunities to make Thales a genuinely equitable employer for everyone.

Read more about our WORK180 endorsement.