Job Description

JOB DESCRIPTION
Cybersecurity Architecture

• Design and maintain a secure architecture for both cloud and on-premises environments, ensuring alignment with enterprise IT strategy and cybersecurity frameworks.
• Conduct architecture reviews and threat modeling exercises to proactively identify design-level risks and recommend mitigations.
• Develop security reference architectures and patterns for infrastructure, applications, data, and identity management, incorporating zero trust principles and secure-by-design approaches.
• Ensure architectural compliance with industry standards and regulatory frameworks including POPIA ISO/IEC 27001, NIST SP 800-53, IT Joint Standards.
• Improve the security methods and practices that influence the architecture and design of Company processes and technology deployments.

IT Security Operations

• Collaborate with Security Operations to ensure architectural alignment in monitoring, threat detection, and incident response capabilities.
• Provide strategic input into the selection and deployment of SIEM, SOAR, DLP, EDR, and other critical tools to enhance the organization's security posture.
• Oversee the technical validation of security controls and ensure their effective implementation throughout the solution lifecycle.
• Analyze security issues and recommend appropriate solutions, technologies, and best practices aligned to business needs.
• Contribute to the secure configuration of systems and infrastructure in alignment with security baselines and hardening guides (e.g., CIS Benchmarks).
• Ensure adherence to approved ICT governance principles and compliance with applicable policies.

Change and Configuration Management

• Act as a security design authority in change advisory meetings (CAM) processes, evaluating risks associated with proposed changes.
• Provide architectural oversight for security configuration changes and remediation plans resulting from audits, risk assessments, or penetration tests.

Governance, Risk, and Compliance

• Develop and maintain cybersecurity architecture standards, principles, and policies in collaboration with GRC and Enterprise Enablement and Architecture (EEA) teams.
• Ensure architectural compliance with enterprise risk management processes, supporting enterprise risk appetite measures.
• Support the organization in responding to audits and regulatory reviews, providing architectural evidence of control implementation.
• Contribute to the planning and compliance monitoring through the CRMP process.
• Ensure compliance with GOI and IT Joint Standards.

Reporting

• Contribute to the development of strategic cybersecurity dashboards and reports that reflect architectural coverage, maturity, and roadmap progress.
• Track alignment of architectural decisions with key cybersecurity KPIs and organizational goals.

Processes and Continuous Improvement

• Continuously evaluate emerging technologies (e.g., AI/ML in cybersecurity, container security, SASE, XDR) and incorporate innovations into the architectural roadmap.
• Stay informed of emerging cybersecurity threats, trends, and technologies, particularly in the cloud security space.
• Promote the adoption of up-to-date cybersecurity frameworks to enhance overall risk mitigation.
• Champion cybersecurity innovation by participating in forums and research activities to evolve the organization's security capabilities.
• Regularly update architectural documentation and frameworks to reflect changes in technology and threat landscapes.

Stakeholder Engagement and Collaboration

• Work closely with Enterprise Enablement and Architecture, IT infrastructure, Project Office, and application teams to embed security into solution design.
• Influence and guide internal stakeholders on best practices in cybersecurity architecture and risk-informed decision-making.
• Provide architectural support and guidance to security-related projects, incident response efforts, and solution delivery teams.
• Act as an escalation point for complex security architecture queries or solution reviews.

Ad hoc

• Assist in the execution of ad hoc requests and special tasks as required by team members or leadership.
• Assist in special projects or ad hoc tasks requiring architectural expertise, including post-incident reviews or risk assessments.

JOB REQUIREMENTS
Qualifications

• Minimum Qualifications: National Diploma in IT /Bachelor or Relevant equivalent
• COBIT preferred
• One of the following Cybersecurity certifications is mandatory: ISO 27001/ CRISC/ CISSP/ CEH

Experience

• Minimum of 8 years cybersecurity related experience.
• Experience in security architecture methodologies, tools and enablers.
• Hands-on experience with implementation and monitoring of various IT Security solutions.

Skills Required