Overview
Job PurposeTo ensure that the stakeholder security requirements, necessary to protect the organization’s mission and business processes, are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.
Qualifications
Formal Education
- Matric or NQF level 5
- B-Tech or BSc in Information Technology at NQF Level 7
- Post graduate Qualification/Honours or master’s is advantageous
Certification
- Project Management Certification
- ITIL Certification (Information Technology Infrastructure Library)
ExperienceExperience
- 10-15 years’ experience within Information Technology
- Experience with software development cycles+B15
- Expert knowledge of programming languages, including Python
Knowledge• Knowledge of electrical engineering as applied to computer architecture (e.g., circuit boards, processors, chips, and computer hardware)
• Knowledge of business continuity and disaster recovery continuity of operations plans
• Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing)
• Knowledge of microprocessors. Knowledge of business continuity and disaster recovery continuity of operations plans
• Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures)
• Knowledge of computer algorithms. Knowledge of program protection planning (e.g., information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements)
• Knowledge of remote access technology concepts
• Knowledge of communication methods, principles, and concepts that support the network infrastructure
Duties
Cyber Security Design
• Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data
Documentation
• Document and address the organization’s information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle
• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment
Security Reviews
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
• Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately
Security Architecture
• Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents
• Ensure that acquired or developed system(s) and architecture(s) are consistent with organization’s cybersecurity architecture guidelines
• Employ secure configuration management processes
People Management
• Train and develop own team
• Performance management of team
• Manage leave and general attendance
• Supervise and monitor outputs delegated to team members
Reporting
• Provide management with monthly, quarterly, and annual purchasing reports
Job Competencies
Competencies
• Business Continuity
• Client Relationship Management
• Computer Network Defense
• Computers and Electronics
• Data Analysis
• Enterprise Architecture
• Information Technology Assessment
• Mathematical Reasoning
• Risk Management
• Systems Integration
• Technology Awareness
• Telecommunications