Job Description

MAIN PURPOSE OF THE JOB

Design, implement, and maintain secure architecture for cloud and hybrid IT systems across the CUSTOMER Group, with a strong focus on Microsoft 365 and Azure platforms. Support strategic security initiatives by ensuring that all infrastructure, data, and application layers are protected in line with the organization's security policies, regulatory obligations, and enterprise risk appetite.

Based in Stellenbosch

Design and govern secure cloud architecture (Azure, M365, hybrid) Define and enforce cloud and enterprise security standards and frameworks following Zero Trust Principles Lead technical risk assessments and threat modelling for cloud deployments and new solution selections Lead the IADM implementation in collaboration with the architect group and divisions Evaluate, select, and optimize security tools (EDR, SIEM, CASB, etc.)

ESSENTIAL MINIMUM EXPERIENCE

Minimum 10 years of information security experience, with at least 5 years in a security architecture role Hands-on experience in designing and implementing Microsoft 365 and Azure security Strong understanding of secure design principles including Zero Trust Architecture Strong understanding of security frameworks such as NIST, ISO 27001, and CIS Controls Good understating of working with AI and large language models in context to security Experience with regulatory compliance in healthcare (e.g. GDPR, ADHICS, POPIA) is a plus

DESIRED EXPERIENCE

Working knowledge of cloud security posture management (CSPM), SASE Knowledge of third-party risk, DevSecOps, and identity governance

ESSENTIAL EDUCATION

Bachelor's degree in Information Systems, Cybersecurity, or Engineering

DESIRED CERTIFICATION

Microsoft Certified: Cybersecurity Architect Expert CISSP / CCSP / Azure Security Engineer Associate

Knowledge Area

Cloud Security Architecture Importance (E/D) (Azure, M365) Identity & Access Management (Entra ID, RBAC) Security frameworks (NIST, ISO, CIS) Network segmentation, Zero Trust Information protection (DLP, MIP, MCAS) SIEM/SOAR platforms (e.g., Sentinel)

REQUIRED COMPETENCIES

Analytical Thinking: Ability to assess complex cloud environments and recommend secure configurations Judgment & Decision Making: Evaluates new risks and technologies and makes sound architectural decisions Persuading & Influencing: Effectively communicates security requirements to non technical stakeholders Collaboration: Works cross-functionally with IT, Risk, Legal, and Compliance Client Service Orientation: Designs secure environments that enable business growth without friction
Job Type: Full-time

Work Location: In person