Position Purpose: As a recognized Information and Cyber Security authority, the Information Security Architect collaborates on Information Security standards & controls, creates robust security architectures in support thereof, and leads the realization of the security architecture into the target environments to secure the enterprise’s information assets. Extensive subject matter knowledge of Information Security and Cyber Security is essential.
Qualifications:
- Matric
- Degree in Information Systems / B Sc Computer Science (or similar)
Experience:
- 10 years working experience within the IT industry.
- 5 years leadership role in an IT Security environment
- 5+ years experience with IT projects from a Security architecture and design perspective (SDLC)
- 2 – 3 years hands-on experience with cloud applications, infrastructures and public cloud providers (AWS, Azure, GCP)
- 5+ years extensive experience in Information Security and/or IT risk management with a focus on security, performance, and reliability
- 5+ years experience implementing multi-factor authentication, single sign-on, identity management or related technologies
Job objectives:
Create information security architectures and designs to secure enterprise information assets in line with architecture standards:
- Develop and maintain an understanding of the business strategy, business priorities and the overall enterprise Information Security Management System (ISMS).
- Develop the company’s Information Security roadmap and blueprints in line with the strategic business direction.
- Determine security requirements by evaluating business strategies and requirements, researching Information Security standards and technologies, evaluating network and security technologies, collaborating on security and vulnerability analyses and risk assessments of on-premise, cloud and 3rd-party hosted environments, and monitoring changes in laws and regulations (such as PCI DSS and POPI).
- Translate security requirements into effective Information Security architectures and designs to secure enterprise information assets in line with the requirements.
- Engage all stakeholders to obtain agreement on proposed information security solutions and work closely with business stakeholders, IT Compliance, IT Security operations, Business Analysts, Developers, Testers and Project Managers to architect and implement information security solutions.
- Create business, data, application and technology architectures and designs using the appropriate modelling techniques and methodologies for Information Security in the enterprise architecture repository in line with architecture principles.
- Keep abreast of the latest Information and Cyber Security trends and emerging technologies, identify and analyze architecture best practices, determine the potential impact on the enterprise, and drive adoption as deemed appropriate.
Serve as the primary Information Security architecture authority for all project and operational stakeholders, and ensure secure architecture across all solutions and technology landscapes:
- Serve as the primary Information Security architecture authority for all project and operational stakeholders, and ensure secure architecture across all solutions and technology landscapes.
- Be clearly identified as the senior design authority as it relates to Information and Cyber Security and provide technical guidance and leadership in solution proposals, RFIs, RFPs, and project teams.
- Partner with the Enterprise Architect and other Solution Architects in support of the definition and development of the overall retail solution landscape.
- Detect critical Information and Cyber Security deficiencies in solution architectures and recommend improvements.
- Work with Project Managers, IT Team Leaders, and external service providers to drive projects to successful implementation.
- Review external and internal designs of solutions and technologies from an Information and Cyber Security risk perspective.
- Ensure applicable Architecture and Design reviews are conducted in line with Information and Cyber Security requirements and the defined IT governance and processes.
- Provide architectural oversight and guidance to development teams during the detailed design, build, test and deploy phases to ensure secure solutions that conform to architecture principles and standards.
- Provide input into Information Security standards, policies, and procedures for emerging threats.
Lead the creation of Information Security architecture and design patterns and standards, and contribute to SDLC governance standards as required to secure the enterprise’s information assets:
- Maintain and manage Information and Cyber Security related architecture artefacts in the Enterprise Architecture repository and ensure that the content is effectively organized and controlled so as to maintain architectural consistency.
- Contribute to the definition of a framework for Solution Architecture and the policies, procedures and templates that guide and govern Architecture processes.
- Contribute to the development of architecture principles and compliance criteria to guide technology decisions.
- Contribute to the development of solution modelling standards and guidelines.
Knowledge & Skills:
- 2 – 3 years demonstrable knowledge of Security Architectures and familiarity with various architecture viewpoints (Business, applications, data, and technology architectures)
- 5+ years solid understanding of common security services and implementation including security protocols, cryptography, authentication, authorisation, network security intrusion and exfiltration prevention tools
- 3+ years mentoring others to improve skills
- 3+ years strong leadership skills to indirectly manage across functional teams toward common solutions
- 3+ years strong facilitation skills to engage subject matter experts to define data requirements and conduct data modelling design reviews with project teams