Requirements:

Degree in IT or equivalent Professional certifications and experience in Information Security from industry standard security frameworks, e.g. ISACA, BCS, CIPP, ITIL, Crest, ISC2, COMPTIA and key security vendors including Microsoft, Crowdstrike, Qualys, IBM. 5-8 years experience in end-to-end archtecture lifecycle, from analysis, design to overseeing compliance of implementated solution. Understanding of network protocols, architectures, and components Familiarity with firewalls, intrusion detection/prevention systems (IDS/IPS), and network monitoring tools Ability to configure and manage network security devices Proficiency in securing various operating systems, including Windows, Linux, and macOS Knowledge of system hardening techniques, patch management, and access controls Ability to monitor and analyse threat intelligence sources to identify potential risks Understanding of threat actors, attack vectors, and emerging cyber threats Experience in performing security assessments and penetration testing Understanding of encryption algorithms, key management, and secure communication protocols Ability to implement encryption solutions to protect data at rest and in transit Experience in configuring data loss prevention (DLP) policies and monitoring data flows Understanding of DLP solutions to prevent unauthorized data leakage Knowledge of cloud security principles and best practices. Experience with securing cloud environments on platforms like AWS, Azure, or Google Cloud Understanding of secure coding principles to develop and maintain secure applications. Awareness of relevant cybersecurity regulations and standards (e.g., GDPR, HIPAA, NIST) Understanding of TCP/IP protocols, subnetting, routing, and network architecture Ability to analyse network traffic and identify anomalies Familiarity with digital forensics tools and practices to investigate security breaches Understanding of mobile device security, including mobile operating systems and application security Key responsibilities: Work closely with the review board facilitators to review submissions from security perspective and seek alignment. Ensure that all open questions are addressed in sufficient level of detail, and risks are highlighted Keep track and follow-up on all security related actions and conditional approvals Enhance and where necessary introduce checklists and guidelines for review boards and Project Management Office. Escalate discrepancies to global information management Architect(s) and/or information management security. Project design review: Perform project related architecture design review and clear direction with Security team (and other Architecture disciplines within the broader global information management EA & governance teams). The design reviews includes cloud solutions (especially Microsoft Azure) and on-premise solutions. Feedback lessons learnt into Security Architecture collaboration space for continous improvement Provide valued input into Security Architecture function to ensure a comprehensive security architecture framework, standards, reusable security patterns and checklists. As subject matter expert working closely with global information management Architecture teams, Application development & Integration teams and Infrastructure Services teams to set comprehensive security architecture framework, overarching principles, global security architecture standards, reusable security patterns & best practises (e.g. OWASP – Open Worldwide Application Security Projects), pragmatic hardening guidelines (e.g. CIS benchmarking), relevant compliance checklists Activities related to improving Cyber Resilience positioning using the NIST framework, with the key focus on the pillars protect & recover.

Security Architecture Specialist position available in Gauteng, Johannesburg. This job position was posted by . The job has been posted on 2025-02-19 in the It Computing Software category