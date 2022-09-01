Enterprise Security Architect – Gauteng Johannesburg Region

Sep 1, 2022

  • The role is required to assist in the development of a security architecture capability that will continue to mature to address the complex security problems in systems, people and processes including those that emerge in digital business transformation.
  • It incorporates planning and designing the company’s processes, Information and Technology components to interact harmoniously while aligned with business requirements to maintain a state of “managed-security-related risk”.
  • Agility in learning core skills and emerging skills based on unique circumstances within the organisation.
  • The Enterprise Security Architect will supervise third-party service providers and internal security teams.

QUALIFICATION AND EXPERIENCE

  • Degree in Information Security/Bachelors or relevant equivalent to NQF Level 6.
  • Must have one or more of the following professional certifications: CCSP, CISSP, CISSP-ISSAP, CISM, CRISC, CEH.
  • Advantageous certificates: COBIT 5/2019 or ITIL V3/4.
  • Minimum of 8 years’ experience in Cybersecurity or Information Security of which three years was spent leading teams or as an information security technical lead.
  • Experience in security architecture methodologies, tools, and enablers.
  • Hands-on experience with implementation and monitoring of various IT Security solutions.
  • Excellent understanding of IT operational processes and controls including projects deployment.
  • Excellent understanding of regulatory requirements facing the IT environment (PCI DSS, POPIA, GDPR).
  • Must be persuasive and be able to communicate cybersecurity related concepts to a broad range of technical and non-technical staff.
  • Be able to map business needs to technology solutions.
  • Solid understanding of security risks and preventative controls.
  • Understand IaaS/PaaS/SaaS security deployments; native cloud security tools; CASB/CSPM/CWPP capabilities.
  • Security Frameworks, Standards and Best Practices:
  • ISO 27001 and ISAE 3402 SOC 2
  • PCI DSS
  • NIST SP 800-53
  • CIS or DISA benchmarks
  • Microsoft Cloud Adoption framework
  • Microsoft Cybersecurity Reference Architecture
  • Familiar with security architecture methodologies and frameworks (e.g. SABSA,
  • TOGAF E-OSA0
  • Experienced in multiple domains of cybersecurity.
  • Be open-minded to new ways of doing things
  • Experience in the development and usage of Technology Patterns / Models to achieve business outcomes.
  • Recognised subject matter expert

POSITION OUTPUTS:

Architecture and strategy:

  • Understand how business architecture shapes and defines the technical security architecture.
  • Improve the security methods and practices that influence the architecture and design of the company processes and technology deployments.
  • Risk Management- master data centric risk management and data flow maps; ongoing assessments on the company environments (both on-prem and cloud based) to ensure risk is mitigated effectively.
  • Security Architecture Methods-be familiar with security architecture methodologies and frameworks (e.g., SABSA, TOGAF E-OSA, NIST CSF).
  • Security Frameworks, Standards & Best Practices.
  • Understand necessary interactions across both formal activities and more informal communications.

Leadership:

  • Influence how the business will adopt security.
  • Use business relationship management to interact and work with relevant
  • stakeholders to ensure that their needs are addressed by the security architecture.
  • Strategic Planning.
  • Relationship Management.
  • Political Navigation.

Privacy Advocacy:

  • Be aware of and having a data inventory of all private data stored in company systems.
  • Know what data protection mechanism have been deployed to protect private data.
  • Know expectations set by compliance and risk teams for the processing and storage of private data.
  • The company is committed to diversifying its staff profile in terms of its transformation agenda and encourages candidates from previously disadvantaged backgrounds to apply.
  • The company will respond to short listed candidates. Candidates who have not been contacted within 4 weeks of the closing date can assume that their application has been unsuccessful.
  • Know legal limitations placed on data in cloud such as residency and sovereignty limitations.
  • Understand how privacy is handled by the company’s contractual arrangements with service providers.

Technical:

  • Understanding of a broad technological security architecture.
  • Identity and Access Management including ecommerce systems.
  • Privileged Access Management.
  • Network and processes design.
  • Secure application development.
  • Standards and security baselines configurations.
  • Data Protection initiatives including cloud applications and infrastructure.
  • Matured understanding of Cryptography.
  • Tech Security Deployments.

Operational:

  • Improve technologies that influence how IT operates in a secure manner.
  • Mature understanding of Infrastructure tools.
  • Monitoring and Compliance Tools.
  • Network security services including Security Operations activities.
  • Cloud Security management and controls implementation.
  • Physical security technology.
  • Assuring protection of types of business information.
  • Assuring integrity of business processes.
  • Protecting communications and information flow within the business.
  • Ability to meet regulatory and legal obligations.

Service Delivery:

  • Provide third line support to users with any Information Security related queries within the SLA time frame.
  • Overseeing and providing advanced support on open issues (e.g., customer logged tickets, incidents, projects etc.).
  • Assist in incident response for any breaches, intrusions, or theft.
  • Coach and guide team members regarding security activities.
  • Assist the end-user, and IT in requesting security variances and implementation of subsequent configuration change requests.
Adhoc:

  • Recommend best security practices to achieve business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results.
  • Research, identify and recommend improvement to capabilities and maturity of threat and vulnerability management strategy, policy, standards, processes, procedures, and tools to deliver value to the business.
  • Maintain system documentation and configuration data for regulatory and audit purposes.
  • Assist in the management and optimisation of Security Operations Centre for detection, prevention protection and response on cyberattacks.

