Job Title: OPNET Design Office Automation Architect (SC Active) Location: MoD Corsham Working Model: Hybrid - 2 to 3 days on-site required Duration: TBC Daily Rate: Market Competitive Outside IR35 SC Clearance required to be shortlisted for this role Crucial that the ideal contractor must have experience in Software Design, Engineering, and Automation Architecture Overview The OpNET Design Office is responsible for the coherence and assurance of the design activity for the entirety of the OpNet Platform. This role reports directly to the Design Office Lead under governance of the System Design Authority and Core Product Owner. The primary focus of this role is to create, advise and assure OpNet designs for PAAS & Automation Architecture adoption. They must be conformant with vendor best practice, MoD security enforcement and the Defence Digital architectural patterns and guidance. Key responsibilities: - Support Act as the point of contact for automation architecture and design on behalf of the Design Office Lead. Interact with programme, project and engineering team leads to ensure cross team, cross technology coherence to satisfy the virtualisation requirements of the OpNet system. Support design vision creation, design decisions and design review as part of the end to end assurance process. Support to Programme and Project Stakeholder engagement and RAIDO Liaise with external (to NSoIT(D) stakeholders to ensure end-to-end designs are being delivered across the wider Defence landscape. Liaise with team leads across the NSoIT(D) Programme and wider defence digital organisations to ensure a robust solution is delivered within Time, Cost and Performance. Design Identify, create and communicate HLDs across programme teams and the Design Office Support the review of all high and low-level designs for coherence, technical content and quality. Participate in Preliminary and Critical Design Reviews with stakeholders, both presenting and challenging design decisions, requirements alignment and supportability aspects. Align standards, frameworks and security with overall business and technology strategy. Support to the design of automation architecture elements to enable the system to function as part of the wider defence estate, during inception, transition and operations. Assure Ensuring that standards, frameworks and security postures align with overall business and technology strategies and policies. Identify capability gaps in existing architectures and recommend changes or enhancements in line with Agile and continuous improvement methods. Essential skills, qualifications, and experience In order to deliver this service, it is essential that individuals have: Automation and orchestration of secure software solutions with successful delivery on complex, large scale programmes utilising industry standard process and tooling where possible. A deep understanding of DevSecOps and Infrastructure Automation Design principles and operating within a secure CI/CD environment, is crucial. A deep understanding of declarative approaches using GitOps Proven demonstrable experience and proficiency in designing and architecting complex systems, with a focus on automating platform deployments. Strong experience in Infrastructure as Code (IaC) with knowledge in common tooling such as Ansible, Terraform, etc. Strong experience in Bare Metal Automation provisioning physical infrastructure Defining and documenting technical requirements and producing detailed solution architectures. Consulting and engineering in the development and design of automation best practices and implementation of solid security principles across the project to meet business goals along with customer and regulatory requirements. Rationalising designs & their alignment against architectural best practice. Demonstrable experience in the following: In-depth understanding of TOGAF (v9 foundation certification minimum) Familiarity with ArchiMate and other architectural tooling Experience in integrating software solutions with public cloud providers like AWS, Azure, or Google Cloud. Experience in implementing solutions using container orchestration eg Docker Compose, Kubernetes, OpenShift (preference for experience delivering VMware Tanzu solutions) Knowledge of security best practices and compliance standards related to VMware NSX environments. Knowledge of CI/CD platforms and DevSecOps techniques and best practise An understanding of Defence Lines of Development and MOD Capability Integration. Comprehensive knowledge of UK Defence deployed architectures, federations with coalition partners, security enforcing gateways and modern techniques for enforcement of security principles including VPN, VDI, hardware encryption and information flow handling. Experience in reviewing engineering designs and enhancing solutions against business requirements and Industry Best Practices. Experience in delivering to a least privilege security model. Must hold, or be willing to obtain SC clearance. Hold a valid Security Clearance (SC) Desirable skills, qualifications and experience .NET Framework, Powershell, PowerCLI, Python, Angular and other languages and frameworks Previous work in delivery of software-based programmes and projects Automation and Orchestration technologies and principals Security implementations such as PKI and Proxy services in line with MOD Security assurance processes. Delivering in Agile and Waterfall project management environments Experience with the Atlassian Toolset - JIRA, Confluence and BitBucket for delivering Agile based projects. Understanding of JSP and over-arching HMG policy. A Computer Science university-based education at Bachelors or Masters level. Experience leveraging LLM, AI and ML for optimisation of software deliveries and documentation creation Experience in the implementation of standard infrastructure stacks such as Cisco, VMWare, Microsoft and Linux environments
20/05/2024
Project-based
Job Title: OPNET Design Office Automation Architect (SC Active) Location: MoD Corsham Working Model: Hybrid - 2 to 3 days on-site required Duration: TBC Daily Rate: Market Competitive Outside IR35 SC Clearance required to be shortlisted for this role Crucial that the ideal contractor must have experience in Software Design, Engineering, and Automation Architecture Overview The OpNET Design Office is responsible for the coherence and assurance of the design activity for the entirety of the OpNet Platform. This role reports directly to the Design Office Lead under governance of the System Design Authority and Core Product Owner. The primary focus of this role is to create, advise and assure OpNet designs for PAAS & Automation Architecture adoption. They must be conformant with vendor best practice, MoD security enforcement and the Defence Digital architectural patterns and guidance. Key responsibilities: - Support Act as the point of contact for automation architecture and design on behalf of the Design Office Lead. Interact with programme, project and engineering team leads to ensure cross team, cross technology coherence to satisfy the virtualisation requirements of the OpNet system. Support design vision creation, design decisions and design review as part of the end to end assurance process. Support to Programme and Project Stakeholder engagement and RAIDO Liaise with external (to NSoIT(D) stakeholders to ensure end-to-end designs are being delivered across the wider Defence landscape. Liaise with team leads across the NSoIT(D) Programme and wider defence digital organisations to ensure a robust solution is delivered within Time, Cost and Performance. Design Identify, create and communicate HLDs across programme teams and the Design Office Support the review of all high and low-level designs for coherence, technical content and quality. Participate in Preliminary and Critical Design Reviews with stakeholders, both presenting and challenging design decisions, requirements alignment and supportability aspects. Align standards, frameworks and security with overall business and technology strategy. Support to the design of automation architecture elements to enable the system to function as part of the wider defence estate, during inception, transition and operations. Assure Ensuring that standards, frameworks and security postures align with overall business and technology strategies and policies. Identify capability gaps in existing architectures and recommend changes or enhancements in line with Agile and continuous improvement methods. Essential skills, qualifications, and experience In order to deliver this service, it is essential that individuals have: Automation and orchestration of secure software solutions with successful delivery on complex, large scale programmes utilising industry standard process and tooling where possible. A deep understanding of DevSecOps and Infrastructure Automation Design principles and operating within a secure CI/CD environment, is crucial. A deep understanding of declarative approaches using GitOps Proven demonstrable experience and proficiency in designing and architecting complex systems, with a focus on automating platform deployments. Strong experience in Infrastructure as Code (IaC) with knowledge in common tooling such as Ansible, Terraform, etc. Strong experience in Bare Metal Automation provisioning physical infrastructure Defining and documenting technical requirements and producing detailed solution architectures. Consulting and engineering in the development and design of automation best practices and implementation of solid security principles across the project to meet business goals along with customer and regulatory requirements. Rationalising designs & their alignment against architectural best practice. Demonstrable experience in the following: In-depth understanding of TOGAF (v9 foundation certification minimum) Familiarity with ArchiMate and other architectural tooling Experience in integrating software solutions with public cloud providers like AWS, Azure, or Google Cloud. Experience in implementing solutions using container orchestration eg Docker Compose, Kubernetes, OpenShift (preference for experience delivering VMware Tanzu solutions) Knowledge of security best practices and compliance standards related to VMware NSX environments. Knowledge of CI/CD platforms and DevSecOps techniques and best practise An understanding of Defence Lines of Development and MOD Capability Integration. Comprehensive knowledge of UK Defence deployed architectures, federations with coalition partners, security enforcing gateways and modern techniques for enforcement of security principles including VPN, VDI, hardware encryption and information flow handling. Experience in reviewing engineering designs and enhancing solutions against business requirements and Industry Best Practices. Experience in delivering to a least privilege security model. Must hold, or be willing to obtain SC clearance. Hold a valid Security Clearance (SC) Desirable skills, qualifications and experience .NET Framework, Powershell, PowerCLI, Python, Angular and other languages and frameworks Previous work in delivery of software-based programmes and projects Automation and Orchestration technologies and principals Security implementations such as PKI and Proxy services in line with MOD Security assurance processes. Delivering in Agile and Waterfall project management environments Experience with the Atlassian Toolset - JIRA, Confluence and BitBucket for delivering Agile based projects. Understanding of JSP and over-arching HMG policy. A Computer Science university-based education at Bachelors or Masters level. Experience leveraging LLM, AI and ML for optimisation of software deliveries and documentation creation Experience in the implementation of standard infrastructure stacks such as Cisco, VMWare, Microsoft and Linux environments
The ideal candidate will be someone with experience of delivering large scale Identity and access management capabilities preferably in secure public sector environments. Experience and skills: Effective decision making and the ability to understand, solve and resolve technical challenges across varying levels of complexity and risk Takes responsible for leading the technical design of systems and services, justify and communicate design decisions Has experience of the identity and access management domain, including authentication protocols (OAuth, OpenID Connect and SAML) and account life cycle Comfortable with Java application stacks, REST API, Linux virtual server environments, cloud hosting (eg AWS or Azure), IP Networking, configuration of ports and Firewalls, DNS, certificates Provide technical leadership to the build teams and drive the value delivery in iterative dev/test cycles. Undertake structured analysis of technical issues and translating this analysis into technical designs that describe the required solution Identify opportunities to collaborate and reuse components, communicating with both technical and non-technical stakeholders Excellent communication and presentation skills and the ability to collaborate with senior stakeholders and 3rd parties providing technical direction and establishing agreements Able to provide technical leadership, guide and mentor the development team to build solutions according to the design Able to assimilate vendor product integration requirements and make design and technical decisions for optimal use of off-the-shelf and custom Java components, ensuring high performant systems, scalability and maintainability. Technical governance and the assurance of required digital identity services ensuring best practices are followed Good working knowledge of open source and Java technologies, including APIs and microservices Able to interact with and guide a skilled DevSecOps team Agile development methods - Scrum, Kanban, TDD, BDD, etc.
17/05/2024
Full time
The ideal candidate will be someone with experience of delivering large scale Identity and access management capabilities preferably in secure public sector environments. Experience and skills: Effective decision making and the ability to understand, solve and resolve technical challenges across varying levels of complexity and risk Takes responsible for leading the technical design of systems and services, justify and communicate design decisions Has experience of the identity and access management domain, including authentication protocols (OAuth, OpenID Connect and SAML) and account life cycle Comfortable with Java application stacks, REST API, Linux virtual server environments, cloud hosting (eg AWS or Azure), IP Networking, configuration of ports and Firewalls, DNS, certificates Provide technical leadership to the build teams and drive the value delivery in iterative dev/test cycles. Undertake structured analysis of technical issues and translating this analysis into technical designs that describe the required solution Identify opportunities to collaborate and reuse components, communicating with both technical and non-technical stakeholders Excellent communication and presentation skills and the ability to collaborate with senior stakeholders and 3rd parties providing technical direction and establishing agreements Able to provide technical leadership, guide and mentor the development team to build solutions according to the design Able to assimilate vendor product integration requirements and make design and technical decisions for optimal use of off-the-shelf and custom Java components, ensuring high performant systems, scalability and maintainability. Technical governance and the assurance of required digital identity services ensuring best practices are followed Good working knowledge of open source and Java technologies, including APIs and microservices Able to interact with and guide a skilled DevSecOps team Agile development methods - Scrum, Kanban, TDD, BDD, etc.
Role responsibilities: Interacting with project roles as required, to gain an understanding of the business environment, technical context, and organisational strategic direction. Advising our customer on the latest technologies and methodologies, designing and implementing innovative approaches to their problems using automation. Understanding security policies and implementing solutions to satisfy security requirements. Designing and implementing solutions which have high availability and are scalable. What you will bring to the team: Enthusiasm for collaboration and excellent communication skills (written and verbal). An interest in keeping up with emerging tools, techniques, and technologies. Effective time management and organisational skills. A flexible and Agile way of working within a fast paced and everchanging environment. Attention to detail with a pragmatic and enthusiastic attitude to work Desirable Skills and Technologies: Experience and knowledge of AWS/Azure and Azure Virtual Desktop. Experience with configuration management tools, eg, Ansible (preferred), Puppet, Chef. Familiar with (or ability to learn easily) the following languages: Python, bash Scripting, React, Go. Experience with deploying, configuring, and managing cloud architecture and technologies in AWS environments. Experience with web application services such as NGINX, Apache, JBoss. Knowledge of OpenShift Containerisation, RHEL 6,7,8, Docker and Kubernetes. Experience with monitoring systems eg, ELK, Nagios, New Relic, DataDog, Splunk etc. Working knowledge of digital delivery processes and methodologies. Knowledge of Atlassian Toolset. Knowledge of JavaScript Understanding of Front End technologies, such as HTML5, and CSS3. Understanding the nature of asynchronous programming, its quirks and workarounds. Understanding of database schemas and query languages. Knowledge of infrastructure as code and CI/CD pipelines eg, Jenkins, Terraform, Bitbucket, GIT repositories, Concourse, Team City etc. An understanding of how to deploy and configure AWS components to adhere to tight security requirements. Awareness of security identity, access management and authentication using products such as ADFS, SSL/TLS Certs, OIDC, OAUTH2, Keycloak or Redhat SSO
15/05/2024
Full time
Role responsibilities: Interacting with project roles as required, to gain an understanding of the business environment, technical context, and organisational strategic direction. Advising our customer on the latest technologies and methodologies, designing and implementing innovative approaches to their problems using automation. Understanding security policies and implementing solutions to satisfy security requirements. Designing and implementing solutions which have high availability and are scalable. What you will bring to the team: Enthusiasm for collaboration and excellent communication skills (written and verbal). An interest in keeping up with emerging tools, techniques, and technologies. Effective time management and organisational skills. A flexible and Agile way of working within a fast paced and everchanging environment. Attention to detail with a pragmatic and enthusiastic attitude to work Desirable Skills and Technologies: Experience and knowledge of AWS/Azure and Azure Virtual Desktop. Experience with configuration management tools, eg, Ansible (preferred), Puppet, Chef. Familiar with (or ability to learn easily) the following languages: Python, bash Scripting, React, Go. Experience with deploying, configuring, and managing cloud architecture and technologies in AWS environments. Experience with web application services such as NGINX, Apache, JBoss. Knowledge of OpenShift Containerisation, RHEL 6,7,8, Docker and Kubernetes. Experience with monitoring systems eg, ELK, Nagios, New Relic, DataDog, Splunk etc. Working knowledge of digital delivery processes and methodologies. Knowledge of Atlassian Toolset. Knowledge of JavaScript Understanding of Front End technologies, such as HTML5, and CSS3. Understanding the nature of asynchronous programming, its quirks and workarounds. Understanding of database schemas and query languages. Knowledge of infrastructure as code and CI/CD pipelines eg, Jenkins, Terraform, Bitbucket, GIT repositories, Concourse, Team City etc. An understanding of how to deploy and configure AWS components to adhere to tight security requirements. Awareness of security identity, access management and authentication using products such as ADFS, SSL/TLS Certs, OIDC, OAUTH2, Keycloak or Redhat SSO