Job Description

Listing reference:

woolw_001358

Listing status:

Online

Apply by:

10 November 2025

Position summary

Industry:

FMCG & Supply Management

Job category:

FMCG, Retail, Wholesale and Supply Chain

Location:

Western Cape

Contract:

Permanent

Remuneration:

Market Related

EE position:

No

Introduction

We are searching for an energetic, self-driven and creative Security Architect to join us on our mission to maintain and develop a high-performing cybersecurity function in support of a complex business undergoing digital transformation. We are looking for a Senior Architecture and Engineering member of the cybersecurity team. This role supports the manager as part of a technical security team that designs, maintains and enhances the security technology stack with a zero-trust philosophy, supporting the key principles of 'security by design and default', and leverages modern technology and AI capabilities. This function enables security and technology teams through both change and operations. This is a highly technical role that requires demonstrable experience in security design, engineering, architecture and threat modelling.

Job description

Maintain the cybersecurity architecture covering the current and future technology landscape including on-prem and cloud solutions architecture. Identify solutions to enhance our architecture (e.g. improve visibility, reduce noise, automate or consolidate). Contribute to the Security Reference Architecture development which supports Security by Design and associated standards. Contribute to Business Case formulation with the relevant security input - advisory, standards and security patterns. Own Cybersecurity Enterprise Architecture (CEA) principles and drive adoption through Enterprise Architecture (EA) and across the business. Drive the implementation and optimization of Security by Design (SbD) across Woolies projects and Business Enablement. Proactively identify security design gaps in existing and proposed architectures and provide required changes or enhancements. Document these as relevant for re-use. Contribute to the ongoing maintenance and enhancement of Cyber and Information Security Policies, Standards, Procedures and Guidelines. Plan and prioritize projects and workload to deliver to the roadmap. Provide updates, context and feedback to relevant stakeholders. Conduct Security Architecture reviews for Projects or Business Enablement

Additional Responsibilities

Support proactive threat modelling with other cyber and technology stakeholders. Make security architectural information easily accessible and self-service to support scale, speed and security by design. Remain aware of global security industry trends and translate these into meaningful contributions to the cybersecurity strategy, principles and ways of working. Understand Cyber, IT and Business strategies and contribute to the creation and delivery of the annual cybersecurity roadmap and execution with a specific focus on security architecture and engineering disciplines.

Minimum requirements

8 years relevant experience in the cyber and information security discipline. 3 years experience in security engineering. 3 years experience in security architecture. 4-year degree or IT qualification. Experience in cloud security architecture and technologies. Experience in EA and/or Systems Architecture Resiliency, determination, and pragmatism. May be required to assist outside of working hours.

Advantageous

Relevant qualifications and certifications such CEH, CISSP, CISM, CCSP, TOGAF and/or SABSA

Additional Criteria

Experience in programming and scripting is highly advantageous. Industry certifications (e.g. Palo, Google, AWS, Azure, Qualys) are beneficial. Experience in building and maturing Security Architecture capabilities is advantageous. Experience with automation and ML/AI capabilities. Practical experience with adversarial frameworks such as MITRE ATT&CK. Working knowledge of PCI-DSS. Experience with security operations tools, frameworks, practices, and processes. * Hands on experience with cloud computing