- The Application Security Architect will be responsible for engaging across the Life Healthcare Group by providing in depth knowledge and application security architecture expertise. The Application Security Architect will work collaboratively across all verticals within the organisation by engaging with various subject matter experts across the business enablement and technology teams in providing architecture support and designing solutions to meet the required security needs of all applications.
The Application Security Architect will work closely with solution architects and development engineers in ensuring security has been built into the design. The Application Security Architect will operate under the guidance of the organisations cyber-security and digital transformation programmes.
Critical Outputs:
- Define and document security architectures and solutions to meet the organizations digital needs in a secure manner – Provide application security design details and implement where appropriate – Perform architecture peer reviews, design validations and signoffs – Perform Research and development where required – Document architecture policies and standards – Provide inputs towards the group cyber security architecture roadmap – Perform threat risk assessments across technology solutions
Requirements:
- NQF level 6 or bachelor’s degree i.e., Information Technology and/or Business Management – 8 years IT Business environment or other related experience as a minimum – 3 to 5 years’ experience in cloud platforms – Minimum of 3 to 5 years working experience in IT Security, architecture, or software development or related field – Security/Architecture or Technology related qualifications would be beneficial e.g., TOGAF, CISSP, Cloud – Experience in software development platforms such as Microsoft C#/.NET and other front end programming languages is required. – Excellent understanding of security strategies and technologies including secure network design, e-Channels, remote computing, desktop and server hardening, secure web services, Compliance Auditing, Secure Software Development Lifecycles, Software Auditing, Penetration Testing, Security Monitoring, Access Controls (identification, authentication, and authorisation) and Encryption. – Strong knowledge of information security frameworks and standards such as ISO 27001 and their application into diverse environments. – Understanding of various data governance and regulatory requirements with emphasis on healthcare would be beneficial – Experience in quantifying Cyber and Information Risk and translating that into language that the business can understand. – Extensive knowledge, understanding of Software Development Life Cycle, Secure development practices, DevSecOps and Application security – Knowledge of security around Infrastructure as Code – Knowledge of secure integration practices and API security – A sound understanding of network security and infrastructure hosting – Understanding of major enterprise security architectures such as Zero Trust- Good understanding of IT operations and processes
Competencies:
- Good interpersonal, facilitation and negotiation – Multitasking – Self-starter – Technical orientated – Leadership and mentoring skills – Self-confidence and assertiveness/persuasiveness – Business organisation and industry understanding – Strategic planning with implementation with a tactical lens and longer-term needs
Desired Skills:
- facilitation and negotiation – Multitasking – Self-starter – Technical orientated – Leadership and mentoring skills – Self-confidence and
Desired Work Experience:
- 5 to 10 years
Desired Qualification Level:
- Degree
About The Employer:
– Requirements:
– NQF level 6 or bachelor’s degree i.e., Information Technology and/or Business Management – 8 years IT Business environment or other related experience as a minimum – 3 to 5 years’ experience in cloud platforms – Minimum of 3 to 5 years working experience in IT Security, architecture, or software development or related field – Security/Architecture or Technology related qualifications would be beneficial e.g., TOGAF, CISSP, Cloud – Experience in software development platforms such as Microsoft C#/.NET and other front end programming languages is required. – Excellent understanding of security strategies and technologies including secure network design, e-Channels, remote computing, desktop and server hardening, secure web services, Compliance Auditing, Secure Software Development Lifecycles, Software Auditing, Penetration Testing, Security Monitoring, Access Controls (identification, authentication, and authorisation) and Encryption. – Strong knowledge of information security frameworks and standards such as ISO 27001 and their application into diverse environments. – Understanding of various data governance and regulatory requirements with emphasis on healthcare would be beneficial – Experience in quantifying Cyber and Information Risk and translating that into language that the business can understand. – Extensive knowledge, understanding of Software Development Life Cycle, Secure development practices, DevSecOps and Application security – Knowledge of security around Infrastructure as Code – Knowledge of secure integration practices and API security – A sound understanding of network security and infrastructure hosting – Understanding of major enterprise security architectures such as Zero Trust- Good understanding of IT operations and processes