Gijima Staffing Solutions is responding to a tender: We are seeking an IT Security Architect is responsible for designing and implementing robust security architecture frameworks that protect the organization’s IT systems and data from potential threats. This role involves defining security requirements, developing security solutions, and ensuring that security policies and practices are integrated into all IT projects. The ideal candidate will have deep technical expertise in cybersecurity principles, architectures, and best practices.
Key Responsibilities:
- Security Architecture Design:Design and implement scalable and secure IT architectures to protect information systems. Ensure that security best practices are integrated into all stages of the development lifecycle.
- Risk Assessment & Mitigation:Identify potential security risks, conduct security assessments, and develop mitigation strategies. Proactively address vulnerabilities and ensure that systems are protected against evolving threats.
- Security Solutions Development:Evaluate and recommend security solutions (firewalls, encryption, identity management, etc.) based on organizational needs. Lead the deployment of security tools and technologies across the IT environment.
- Collaboration with IT Teams:Work closely with IT and development teams to integrate security controls into software development, cloud environments, and infrastructure projects. Provide technical security guidance to ensure secure system configurations.
- Compliance & Regulatory Requirements:Ensure that security architectures comply with regulatory requirements (e.g., GDPR, POPIA) and industry standards (e.g., ISO 27001, NIST). Develop and enforce security policies and procedures.
- Security Testing & Auditing:Conduct security reviews and penetration testing to validate the security of IT systems. Monitor and audit systems for potential weaknesses and recommend improvements.
- Incident Response Planning:Develop and maintain incident response plans to ensure quick identification and response to security incidents. Coordinate with security operations teams for incident detection and resolution.
- Security Awareness & Training:Provide security awareness training to staff and stakeholders to promote secure behavior. Keep the IT team up to date on the latest security threats and best practices.
Required Qualifications and Skills:
- Education:
- Bachelor’s Degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Relevant certifications such as CISSP, CISM, CEH, or TOGAF Security.
- Experience:
- Minimum of 4 years of experience in IT security architecture, cybersecurity, or related roles.
- Technical Skills:
- Strong understanding of security architectures and frameworks (e.g., TOGAF, SABSA).
- Proficiency in security technologies, including firewalls, IDS/IPS, encryption, and identity and access management (IAM).
- Experience with cloud security in environments like AWS, Azure, or Google Cloud.
- Knowledge of secure network architecture, VPNs, and virtualized environments.
- Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and PCI-DSS.
- Soft Skills:
- Excellent communication and interpersonal skills, with the ability to translate complex security concepts into understandable terms for non-technical stakeholders.
- Analytical thinking and problem-solving abilities.
- Leadership skills to drive security initiatives and mentor other teams.
Tools & Technologies:
- Security Tools: Firewalls (e.g., Palo Alto, Fortinet), IDS/IPS (Snort, Suricata), SIEM (Splunk, ArcSight), VPN technologies.
- Cloud Security: AWS Security Hub, Azure Security Center, Google Cloud Security Command Center.
- Encryption & Key Management: PGP, OpenSSL, HashiCorp Vault.
- Identity & Access Management (IAM): Okta, RSA SecureID, Active Directory, LDAP.
Additional Considerations:
- Prior experience in designing security architectures for large or complex organizations is preferred.
- Experience with Zero Trust architectures and micro-segmentation is a plus.
- Knowledge of DevSecOps practices and automation in security testing is beneficial.
Desired Skills:
- TOGAF
- AWS
- AD