We are recruiting for a Senior Security Architect to assist the organisation with defining, designing and implementing the security architecture initiatives in line with leading practices for a period of 24 months.
Key Responsibilities:
- Security architecture development:
- Develop and maintain the security architecture frameworks, reference model, standards, principles and guidelines in line with the organization's enterprise architecture and information and communication technology (ICT) strategy.
- Monitor compliance and implementation of the security architecture as per the approved design.
- Develop and maintain security reference material (security reference architectures, patterns and standards) to be referenced as part of the enterprise and solution architect deliverables.
- Establish and maintain an inventory of security controls and mechanisms and classify inventory according to the security reference model.
- Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
- Review security technologies, tools and services, and make recommendations to the broader security team based on security, financial and operational metrics.
- Liaise with the organization's cyber security team members to share best practices and insights.
- Coordinate with other ICT stakeholders to document data flows of sensitive information in the organization and recommend controls to ensure that this data is adequately secured (e.g. encryption and tokenisation).
- Provide regular reporting on the state of the security landscape and posture and make recommendations on addressing the threats and mitigating risks.
- Validate the IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
- Review architecture definitions and ensure the inclusion of security controls and mechanisms therein, in accordance with security architecture patterns, standards and principles.
- Ensure compliance with the organization's policies, procedures and other legislative requirements, and ensure that risks within the function are identified, assessed and mitigated.
- Provide technical guidance, oversight, coaching and mentoring to team members in the enterprise architecture environment regarding security architecture to ensure delivery of integrated results.
- Govern and track the implementation of the security roadmaps.
- Ensure alignment between enterprise architecture, solution architecture, architecture principles ICT standards and security architecture to ensure standardization and reduce risk.
- Develop and evaluate requests for information (RFIs) and requests for proposals (RFPs), where required.
- Stakeholder management: Establish, build and maintain collaborative working relationships with relevant internal stakeholders.
- Build and maintain positive and value-adding relationships with relevant external stakeholders.
- Scan the environment to ensure a clear understanding of stakeholder needs.
- Proactively interact with stakeholders to determine their needs and deliver on them accordingly.
- Engage with both internal and external stakeholders to identify and evaluate performance barriers and success in order to continuously improve on the service delivery.
- Work in collaboration with colleagues in the centre to ensure timeous delivery of the work and manage service level agreements (SLAs).
- Must have an information technology-related diploma or degree and professional certification in the architecture and security fields (i.e. TOGAF, Cloud Based Certifications, Azure, CEH, Security+).
- Must have at least five years of experience as a Senior Security Architect and possess expertise in the following security architecture components:
- Security architecture principles.
- Security policies and standards.
- Security risk assessment and threat model.
- Identity and access management (IAM) architecture.
- Data security and privacy architecture.
- Network security architecture.
- Application security architecture.
- Cloud security architecture.
- Endpoint and mobile security framework.
- Incident response and security operations plan.
- Compliance and regulatory mapping.
- Cyber resilience and business continuity plan (BCP).
- Security architecture roadmap.
- Zero trust architecture (ZTA) blueprint.
For more information please contact:
Dimpho Bogopa