Pretoria: Lead Applications & Integration Security posted by IT Ridge Technologies

The main purpose of this position is to provide technical leadership and guidance in the application and integration security function, in support of secure business applications development, implementation and maintenance.

Detailed description

• Contribute to the compilation of divisional operational plans and take responsibility for the
  implementation as well as the monitoring thereof.
• Manage and direct the development and maintenance of the secure Software Development Life Cycle
  procedures and standards based on the environment and manage the implementation thereof
  ensuring that the solutions are free from cybersecurity vulnerabilities.
• Lead and manage the vulnerabilities threat process in support of building an advanced security posture for the Organisation
• Address the application and integration security audit findings to reduce the threat landscape
  and improve its application security posture.
• Lead and guide the security component of the information technology (IT) projects, upholding code
  reviews and ensuring compliance with security standards during each stage of the project development
  life cycle.
• Contribute to the development of the Security Major Incident Response Procedures and manage the
  implementation thereof, during a security breach.
• Drive the application and integration security awareness campaigns and oversee training to all key
  stakeholders (including developers, testers and business analysts) on secure development.
• Provide consolidated and integrated reports and analytics for various forums pertaining to the application and integration security landscape
• Identify and mitigate risks related to the application and integration security environment and ensure
  compliance with relevant governance frameworks.
• Keep abreast of best practices and development in the field of application and integration security and ensure continuous improvement, while ensuring the optimal use of security best practice with the
  development of new solutions.
• Lead stakeholder engagements (internal and external), in support of the sound security posture to fulfil the line management function pertaining to development and performance of the team

Job requirements:

• Bachelors degree (NQF 7) in Information Systems and Management or an equivalent qualification
• Certification in Application Security Engineer (SACE)
• Certified Ethical Hacker (CEH)
• 810 years experience in the secure SDLC frameworks and solutions, of which at least 5 years must be
  exposure to overall security governance best practices frameworks and design, penetration testing,
  integration and applications code reviews.