Associate Principal Security Architect

Our Cyber Security Team

Its no secret that our intellectual property is critical to our order to secure our ideas and designs our customer and employee personal data and to protect operations from cyber-crime Dysons globalCyber Security and Riskgroup works effectively to keep our secrets secret and secure our crown jewels using advanced technologies to stay one step ahead of the game.

We have a continuous focus on transforming and managing all aspects of security - including architecture engineering technology risk management cyber operations end user security and project delivery. We invest heavily in new security capabilities (technology processes and people) and leverage our strong cyber ecosystems to tackle future threats.

Product Design Manufacturing Supply Chain eCommerce and Enterprise Systems are at the beating heart of Dysons cyber defence priorities. We play a key role in ensuring the successful design and delivery of exciting new business and security projects and that our controls and security platforms remain effective and our cyber operations capabilities are delivered on a global 24x7 basis from our strategic locations across the US UK / Europe India Singapore and China.

The Security Architecture and Engineering team plays a key role with responsibility for the design and engineering of our core enterprise and Operational Technology cyber protection technologies along with the actual design of the security elements of business and IT projects. We also play a critical role in assuring the security and compliance of all Dysons existing and new products.

Alongside technical expertise in the relevant areas of Security Architecture the role requires strong business partnering and relationship building skills. Youll work closely with project teams in business areas to develop practical solutions to mitigate business risks. Theres ample scope to share and build on your existing technical expertise and we invest heavily in the development and training of our team.

Responsibilities

• Consult on business and IT-led initiatives design cyber security elements ensure adequate security solutions are in place

• Plan research design and build robust security architectures for new projects

• Design coordinate and oversee security testing and assurance of products

• Improve efficiency automation and performance of security reduce cost of ownership. Drive Quality Security and Speed

• Engage with new business initiatives - deliver secure supportable solutions make the quick easy way the secure way

• Develop and maintain strong working relationships with key IT business and supplier contacts

• Provide security risk assessment & recommendations throughout delivery lifecycle - produce designs define / draft patterns engage with delivery (Waterfall Agile and DevSecOps). Support application development database design network/platform projects.

• Help project teams comply with enterprise and IT Security policies industry regulations computer forensic investigations and best practices

Qualifications and Experience (not all experience and qualifications will be required depending on the role)

• Deep expertise in Zero Trust Network Access and Data Loss Protection. Exposure in working with HR and legal on following through enforcement process as well as aligning technical solution to business requirement.

• Strong background in security architecture of enterprise OT or IOT platforms including engineering of core best-in-class security products.

• Awareness of current industry security threats challenges and mitigation techniques

• Interpersonal and communication skills able to influence and build effective working relationships with a broad range of people and roles globally

• End point technology

• Connected devices

• Core infrastructure/cloud and/or business applications.

• Designing and delivering secure eCommerce Ownership Experience Retail against a backdrop of major standards / frameworks such as PCI-DSS ISO27001 NIST 800 series ISA/IEC 62443.

• Supporting project teams with high and low-level security consultancy design and delivery with a wide-ranging understanding of security considerations across key technologies such as Cisco Microsoft SAP Oracle market-leading SaaS applications public cloud etc

• Operational technology / manufacturing / supply chain security

• Embedded product software security

• Familiarity on ITIL processes to work collaboratively with IT

Knowledge across several security topics ideally across the following categories:

• Security Architecture including: designing infrastructure security solutions architecting secure business applications and integrations horizon-scanning trends and technologies

• Security Consultancy including: setting security requirements regulations (e.g. GDPR PCI-DSS other international privacy requirements) security good practice threat modelling and mapping to common framework (Cyber Kill Chain MITRE ATT&CK)

• System-level Security including: operating system hardening endpoint security network security web and application services database security privileged user management

• Cloud Technologies including: Platform as a Service (PaaS) Infrastructure as a Service (IaaS) Content Delivery Networks (CDN) Web Application Firewall (WAF)

• OT security technology and models

• DevOps practices embedding security in the software development lifecycle

Dyson is an equal opportunity employer. We know that great minds dont think alike and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race colour religion national or ethnic origin sex sexual orientation gender identity or expression age disability protected veteran status or other any other dimension of diversity.