Job Description

Security Architect

This role will be responsible for providing technical security advice and guidance with a focus on the Group/South Africa organisation. This candidate will be involved in multiple change projects and be responsible for producing and publishing tailored Security best practice guidance.

Key Responsibilities

• Providing security advice, requirements and guidance to the business when delivering new systems or updates to existing, to ensure Security by design.
• Performing security-focused risk assessment on new systems/services and changes to existing to ensure they are within risk tolerance.
• Working with the business to review designs and ensure that they are in line with existing security principles, patterns, standards, and best practise.
• Work with the business to define, document and implement core security patterns, standards, and guidelines.
• Reviewing the current security processes within your area of focus, to ensure optimisation and coverage.
• Be the initial security point of contact for your region and route any questions to the relevant teams.
• Work with the wider security architecture team to ensure a standardised approach to security is defined and followed.
• Collaborate with IT teams to make sure the correct security controls and measures are in place before implementation.

Requirements:

• Bachelorxe2x80x99s degree or equivalent experience in computer science, IT engineering, or related field
• An MSc Information Security or equivalent would be an advantage.
• Information Security and/or Information Technology certifications such as CISSP etc. are preferred.
• Azure Security Certifications are preferred.
• Experience of common frameworks such as NIST, CIS, ISO27k and MITRE
• Experience in using SABSA valuable
• Review solution designs and recognise security concerns.
• Work with vendors to understand the mitigations and make recommendations.
• Be able to pragmatically review and understand where the security risk could outweigh the business benefits.
• Represent both the business to security and security to the business.
• Help make the business understand the importance of considering security in designs.
• Ability to support the business in the delivery of security requirements.
• Understanding of Threat Modelling frameworks and implementation e.g., STRIDE
• Ability to deconstruct complex environments and navigate conflicting project requirements.
• Work with the wider security team to mature security processes and patterns.
• Prior experience working in Information security is essential.
• Prior experience of working as a security architect is essential.
• Prior experience of creating security artefacts is preferred.

ABC Worldwide