System Design Authority - Platform SpecialistOur client are experts in defence, aerospace, security and related markets, drawing on extensive technical knowledge and intellectual property to provide the know-how and support to solve some of the world's most challenging problems. The organisation makes the critical difference to customers by providing unique approaches to problem solving. Why don't you join some of the world's finest scientific and technical minds and help make tomorrow work today? Reporting directly to the SDA Lead, you will be the System Design Authority (SDA) on a large-scale MoD programme and be responsible for the coherence and assurance of the design activity for the entirety of the OpNet Platform. The primary focus of this role is to advise and assure the OpNetdesign is conformant with vendor best practice, security enforcement, and the Defence Digital architectural patterns and guidance.Responsibilities SupportAct as the point of contact for platform architecture and threat mitigation on behalf of the SDA Lead.Interact with programme, project and engineering team leads to ensure cross team, cross technology coherence to satisfy the platform requirements of the OpNet system.Support design vision creation, design decisions and design review as part of the end to end assurance process.Support to Programme and Project Stakeholder engagement and RADIOLiaise with external (to NSoIT(D)) stakeholders to ensure end-to-end designs are being delivered across the wider Defence landscape.Liaise with team leads across the NSoIT(D) Programme and wider defence digital organisations to ensure a robust solution is delivered within Time, Cost and Performance.DesignIdentify and communicate solution intent across programme teams and the SDA and support the review of all high, intermediate and low-level designs for coherence, technical content and quality.Align standards, frameworks and security with overall business and technology strategy.Support to the design of platform architecture elements to enable the system to function as part of the wider defence estate, during inception, transition and operations.AssureEnsuring that standards, frameworks and security postures align with overall business and technology strategies and policies e.g. Defence as a Platform, Federated Mission Networking and JSPs.Identify capability gaps in existing architectures and recommend changes or enhancements in line with Agile and continuous improvement methods.Position Requirements Demonstrable experience in the following:Architecture and development of secure Hardware and Software solutions with successful delivery on complex, large scale programmes utilising emerging technologies where possible.Strong Platform Engineering background with experience working with an Engineering team to ensure compliance.Proven demonstrable experience operating both as a Platform Engineer and Platform ArchitectDetailed knowledge and understanding of JSP and over-arching HMG policy.Writing technical requirements and producing detailed solution architectures.Designing and implementing secure platform solutions. This includes continuous monitoring and making improvements to those solutions.Consulting and engineering in the development and design of platform best practices and implementation of solid security principles across the project to meet business goals along with customer and regulatory requirements.Identity access management (IAM) - the framework of security policies and technologies that limit and track the access of those in an organisation to sensitive technology resourcesAn understanding of Defence Lines of Development and MOD Capability Integration.Comprehensive knowledge of UK Defence deployed network architectures, federations with coalition partners, security enforcing gateways and modern techniques for enforcement of security principles including micro-segmentation, VPN, VDI, hardware encryption and information flow handling.Experience in reviewing engineering designs and enhancing solutions against business requirements and Industry Best Practices.Experience in delivering to a least privilege security model.Demonstrable hands-on design of:Microsoft Windows Server 2012 R2; o AD and NTFS permissions o DNS o DHCP o Group Policy / SCCM (Including Security Hardening) o NTP o PKIMail o Microsoft Exchange up to version 2016 where possibleVoice and Video Conferencing o Skype for Business o SIP with TLS federationDatabase Services o Microsoft SQL Server up to version 2016 where possible o PostgreSQLReplication and Backup Technologies o Cross-site failure and resiliency o Veeam Backup and ReplicationStorage Technologies o SAN Design and ConfigurationDesktop Management o Windows 10 DeploymentAt least one of the following professional certifications that have been obtained:Windows Server certification, MCSA (Microsoft Certified Solutions Associate) / MCSE (Microsoft Certified Solutions Expert) or similar.