Position Description:
The Foschini Group (TFG) is looking to hire an Information Security Architect to join their Information Security team. As one of South Africa’s leading independent retailers, TFG operates 20+ retail brands and various corporate service divisions. TFG has built the business through innovative differentiation, new business development, acquisition, and expansion, and is dedicated to the development and implementation of world-class IT systems and infrastructure.
This role is a key part of the Information Security Function. Reporting to the CISO, the key objective of the role is as follows:
Key Objectives
- Undertake risk assessments, define threat models
- Managing the lifecycle of the Security Solutions portfolio,
- Providing Architecture assurance across all IT projects,
- Developing and maintaining Security architecture artefacts,
- Conducting research into threats, new technologies, approaches and compliance,
- Providing Change management guidance,
- Managing the portfolio of policies and standards,
- Reviewing SOW’s, RF’s, POT’s POC’s,
- Conducting an annual review of our Cloud service providers.
Qualifications and Experience
- A relevant Bachelors’ degree
- Minimum of 10 years IT experience (of which 3-5 years should be in a similar role)
- Appropriate certifications (E.g., CISSP, SABSA, CISM, CRISC, GIAC etc.)
- Experience in Security Architecture, with the ability to define security blueprints, define threat models, and assess solutions, define security principles and security standards
- Alternatively, 8 to 12 years’ experience, with a combination of experience across End User Computing, Infrastructure and Cloud. We will assist you in developing as a security architect
- Expertise in defining solution architectures
- Expertise in understanding infrastructure architecture
- Understanding and experience across large enterprise infrastructure
- environments
- Broad security technology knowledge across and hands-on experience across IAM, Data Protection, Network Security,
- Endpoint Protection, Cloud computing, and Secure Software Development
- PCI-DSS experience, Data Security
- Performing Risk Assessments
- Knowledge and application of risk assessments, security architecture reviews, definition of reference architecture, application of Info security practices and technologies.
Soft Skills required:
- Strong communication skills
- Change leadership skills
- Facilitation and negotiating skills
- Researching skills
Preference will be given, but not limited to, candidates from designated groups in terms of the Employment Equity Act.