ENTERPRISE SECURITY ARCHITECT – Gauteng Sandton

Jul 16, 2022

ENTERPRISE SECURITY ARCHITECT

CLOSING DATE 25 JULY 2022

LOCATION Sandton, Illovo

POSITION TYPE Permanent

CLOSING DATE 25 July 2022

SALARY R1 000 000 Per Annum.

TO APPLY:
Update your CV in detail and send to ATTENTION: SHASHI PREMRAJ Ref shashi@mployglobal

CONTACT:
For email address WHATSAPP CALL AND MESSAGES ONLY to the Cell phone number listed in the REF above.

PURPOSE

The role is required to assist in the development of a security architecture capability that will continue to mature to address the complex security problems in systems,people and processes including those that emerge in digital business [URL Removed] incorporates planning and designing Company’s processes, Information and Technology components to interact harmoniously while aligned with business requirements to maintain a state of “managed-security-related risk”. Agility in learning core skills and emerging skills based on unique circumstances within the organisation. The Enterprise Security Architect will supervise third-party service providers and internal security teams.

QUALIFICATIONS

  • Bachelors Degree / National Diploma in IT or equivalent IT related Degree or Diploma.

  • ITIL & COBIT IS MANDATORY

  • Cybersecurity certification: ISO 27001, CRISC, CISSP & CEH highly recommended.

EXPERIENCE

  • Minimum of 8 years Cybersecurity related experience.

  • Experience in security architecture methodologies, tools and enablers.

  • Hands-on experience with implementation and monitoring of various IT Security solutions.

  • Excellent understanding of IT operational processes and controls including projects deployment.

  • Excellent understanding of regulatory requirements facing the IT environment(PCI DSS, POPIA, GDPR).

  • Must be persuasive and be able to communicate cybersecurity related concepts to a broad range of technical and non-technical staff.

  • Be able to map business needs to technology solutions.

  • Solid understanding of security risks and preventative controls.

  • Understand IaaS/PaaS/SaaS security deployments; native cloud security tools;CASB/CSPM/CWPP capabilities.

**KNOWLEDGE REQUIRED FOR THIS ROLE:

  • Security Frameworks, Standards and Best Practices:
  • ISO 27001 and ISAE 3402 SOC 2
  • PCI DSS
  • NIST SP 800-53
  • CIS or DISA benchmarks
  • Microsoft Cloud Adoption framework
  • Microsoft Cybersecurity Reference Architecture
  • Familiar with security architecture methodologies and frameworks (e.g. SABSA,TOGAF E-OSA0
  • Experienced in multiple domains of cybersecurity.
  • Be open-minded to new ways of doing things
  • Experience in the development and usage of Technology Patterns / Models toachieve business outcomes.
  • Recognised subject matter expert

JOB DUTIES /RESPONSIBILITIES

Architecture and strategy:

  • Understand how business architecture shapes and defines the technical securityarchitecture.
  • Improve the security methods and practices that influence the architecture and design of Company processes and technology deployments.
  • Risk Management- master data centric risk management and data flow maps, ongoing assessments on company environments (both on-prem and cloudbased) to ensure risk is mitigated effectively.
  • Security Architecture Methods-be familiar with security architecture methodologies and frameworks (e.g. SABSA, TOGAF E-OSA, NIST CSF).
  • Security Frameworks, Standards & Best Practices.
  • Understand necessary interactions across both formal activities and more informal
    communications.

Leadership:

  • Influence how the business will adopt security.
  • Use business relationship management to interact and work with relevant stakeholders to ensure that their needs are addressed by the security architecture.
  • Strategic Planning.
  • Relationship Management.
  • Political Navigation.

Privacy Advocacy:

  • Be aware of and having a data inventory of all private data stored in company systems.
  • Know what data protection mechanism have been deployed to protect private data.
  • Know expectations set by compliance and risk teams for the processing and storage of private data.
  • Know legal limitations placed on data in cloud such as residency and sovereignty limitations.
  • Understand how privacy is handled by contractual arrangements with service providers.

Technical:

  • Understanding of a broad technological security architecture.
  • Identity and Access Management including ecommerce systems.
  • Privileged Access Management.

  • Network and processes design.

  • Secure application development.

  • Standards and security baselines configurations.
  • Data Protection initiatives including cloud applications and infrastructure.
  • Matured understanding of Cryptography.
  • Tech Security Deployments.

Operational:

  • Improve technologies that influence how IT operates in a secure manner.
  • Mature understanding of Infrastructure tools.
  • Monitoring & Compliance Tools.
  • Network security services including Security Operations activities.
  • Cloud Security management and controls implementation.
  • Physical security technology.
  • Assuring protection of types of business information.
  • Assuring integrity of business processes.
  • Protecting communications and information flow within the business.
  • Ability to meet regulatory and legal obligations.

Service Delivery:

  • Provide third line support to users with any Information Security related queries within the SLA time frame.
  • Overseeing and providing advanced support on open issues (e.g. customer logged tickets, incidents, projects etc.).
  • Assist in incident response for any breaches, intrusions, or theft.
  • Coach and guide team members regarding security activities.
  • Assist the end-user, and IT in requesting security variances and implementation of subsequent configuration change requests.

Adhoc

  • Recommend best security practices to achieve business objectives, advises onrisk assumptions for any variances granted, and provides alternatives to achieve desired end results.
  • Research, identify and recommend improvement to capabilities and maturity of threat and vulnerability management strategy, policy, standards, processes,procedures and tools in order to deliver value to the business.
  • Maintain system documentation and configuration data for regulatory and audit purposes.
  • Assist in the management and optimisation of Security Operations Centre for detection, prevention protection and response on cyberattacks.

COMPETENCIES /SKILLS
Attributes / Values

  • Successful leader traits
  • Problem solving skills with the ability to interpret and analyse data
  • Ability to explore and learn new technology and processes
  • Have emotional resilience
  • Be able to manage relationships
  • Be able to handle conflict
  • Take initiatives in solving problems
  • Embrace diversity and collaboration.

TO APPLY:
Update your CV in detail and send to ATTENTION: SHASHI PREMRAJ Ref shashi@mployglobal

CONTACT:
For email address WHATSAPP CALL AND MESSAGES ONLY to the Cell phone number listed in the REF above.

Desired Skills:

  • CRISC
  • CISSP & CEH highly recommended.
  • Security Frameworks Standards and Best Practices
  • ISO 27001 and ISAE 3402 SOC 2
  • Familiar with security architecture methodologies and frameworks (e.g. SABSATOGAF E-OSA0
  • Cybersecurity certification: ISO 27001 CRISC CISSP & CEH
  • ITIL & COBIT IS MANDATORY

Desired Work Experience:

  • More than 10 years

Desired Qualification Level:

  • Degree

About The Employer:

TO APPLY:
Update your CV in detail and send to ATTENTION: SHASHI PREMRAJ Ref shashi@mployglobal

CONTACT:
For email address WHATSAPP CALL AND MESSAGES ONLY to the Cell phone number listed in the REF above.

Learn more/Apply for this position