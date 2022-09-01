- The role is required to assist in the development of a security architecture capability that will continue to mature to address the complex security problems in systems, people and processes including those that emerge in digital business transformation.
- It incorporates planning and designing the company’s processes, Information and Technology components to interact harmoniously while aligned with business requirements to maintain a state of “managed-security-related risk”.
- Agility in learning core skills and emerging skills based on unique circumstances within the organisation.
- The Enterprise Security Architect will supervise third-party service providers and internal security teams.
QUALIFICATION AND EXPERIENCE
- Degree in Information Security/Bachelors or relevant equivalent to NQF Level 6.
- Must have one or more of the following professional certifications: CCSP, CISSP, CISSP-ISSAP, CISM, CRISC, CEH.
- Advantageous certificates: COBIT 5/2019 or ITIL V3/4.
- Minimum of 8 years’ experience in Cybersecurity or Information Security of which three years was spent leading teams or as an information security technical lead.
- Experience in security architecture methodologies, tools, and enablers.
- Hands-on experience with implementation and monitoring of various IT Security solutions.
- Excellent understanding of IT operational processes and controls including projects deployment.
- Excellent understanding of regulatory requirements facing the IT environment (PCI DSS, POPIA, GDPR).
- Must be persuasive and be able to communicate cybersecurity related concepts to a broad range of technical and non-technical staff.
- Be able to map business needs to technology solutions.
- Solid understanding of security risks and preventative controls.
- Understand IaaS/PaaS/SaaS security deployments; native cloud security tools; CASB/CSPM/CWPP capabilities.
- Security Frameworks, Standards and Best Practices:
- ISO 27001 and ISAE 3402 SOC 2
- PCI DSS
- NIST SP 800-53
- CIS or DISA benchmarks
- Microsoft Cloud Adoption framework
- Microsoft Cybersecurity Reference Architecture
- Familiar with security architecture methodologies and frameworks (e.g. SABSA,
- TOGAF E-OSA0
- Experienced in multiple domains of cybersecurity.
- Be open-minded to new ways of doing things
- Experience in the development and usage of Technology Patterns / Models to achieve business outcomes.
- Recognised subject matter expert
POSITION OUTPUTS:
Architecture and strategy:
- Understand how business architecture shapes and defines the technical security architecture.
- Improve the security methods and practices that influence the architecture and design of the company processes and technology deployments.
- Risk Management- master data centric risk management and data flow maps; ongoing assessments on the company environments (both on-prem and cloud based) to ensure risk is mitigated effectively.
- Security Architecture Methods-be familiar with security architecture methodologies and frameworks (e.g., SABSA, TOGAF E-OSA, NIST CSF).
- Security Frameworks, Standards & Best Practices.
- Understand necessary interactions across both formal activities and more informal communications.
Leadership:
- Influence how the business will adopt security.
- Use business relationship management to interact and work with relevant
- stakeholders to ensure that their needs are addressed by the security architecture.
- Strategic Planning.
- Relationship Management.
- Political Navigation.
Privacy Advocacy:
- Be aware of and having a data inventory of all private data stored in company systems.
- Know what data protection mechanism have been deployed to protect private data.
- Know expectations set by compliance and risk teams for the processing and storage of private data.
- The company is committed to diversifying its staff profile in terms of its transformation agenda and encourages candidates from previously disadvantaged backgrounds to apply.
- The company will respond to short listed candidates. Candidates who have not been contacted within 4 weeks of the closing date can assume that their application has been unsuccessful.
- Know legal limitations placed on data in cloud such as residency and sovereignty limitations.
- Understand how privacy is handled by the company’s contractual arrangements with service providers.
Technical:
- Understanding of a broad technological security architecture.
- Identity and Access Management including ecommerce systems.
- Privileged Access Management.
- Network and processes design.
- Secure application development.
- Standards and security baselines configurations.
- Data Protection initiatives including cloud applications and infrastructure.
- Matured understanding of Cryptography.
- Tech Security Deployments.
Operational:
- Improve technologies that influence how IT operates in a secure manner.
- Mature understanding of Infrastructure tools.
- Monitoring and Compliance Tools.
- Network security services including Security Operations activities.
- Cloud Security management and controls implementation.
- Physical security technology.
- Assuring protection of types of business information.
- Assuring integrity of business processes.
- Protecting communications and information flow within the business.
- Ability to meet regulatory and legal obligations.
Service Delivery:
- Provide third line support to users with any Information Security related queries within the SLA time frame.
- Overseeing and providing advanced support on open issues (e.g., customer logged tickets, incidents, projects etc.).
- Assist in incident response for any breaches, intrusions, or theft.
- Coach and guide team members regarding security activities.
- Assist the end-user, and IT in requesting security variances and implementation of subsequent configuration change requests.
Adhoc:
- Recommend best security practices to achieve business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results.
- Research, identify and recommend improvement to capabilities and maturity of threat and vulnerability management strategy, policy, standards, processes, procedures, and tools to deliver value to the business.
- Maintain system documentation and configuration data for regulatory and audit purposes.
- Assist in the management and optimisation of Security Operations Centre for detection, prevention protection and response on cyberattacks.
Desired Skills:
- POPIA
- Microsoft
- IT operational processes
Desired Work Experience:
- 5 to 10 years
Desired Qualification Level:
- Degree