Senior Security Architect
  • South Africa Johannesburg
  • Boardroom Appointments - Global Human and Talent Capital
1 year before
31.12.2023
Securely Provision
Systems Architecture
Job Description

About the job
Key purpose:


As a Senior Security Architect, you will be responsible for designing and implementing the Identity Management System (IdMS), Privilege Access Management (PAM) system, Data Security and data leaking. You will be working with various teams across multiple areas of the business to design and implement these systems. You should have experience in building complex systems using a variety of technologies, ideally in an enterprise environment.


Duties and responsibilities:


Identity and Access Management (IAM) solutions including solutions from Sailpoint and SecZetta
Privileged Access Management (PAM) and Secrets Management solutions including solutions from BeyondTrust (full stack solution) and CyberArk
Database Activity Monitoring (DAM) solutions including solutions from Imperva and IBM Guardium
Directory Services (DS) solutions including Active Directory, Azure AD and IBM Tivoli Directory Services
Security Incident and Event Management (SIEM) solutions including Splunk
Security Orchestration, Automation and response (SOAR) solutions including IBM Resilient
Vulnerability Management Systems (VMS) including Tenable
Endpoint Protection Solutions (EPS) including Symantec, Microsoft and Crowdstrike
Data Loss Prevention (DLP) and Data Classification and Labelling (DCL) services including solutions from Symantec, Zscaler, Titus and Microsoft
10. Hardware Security Modules (HSM) Certificate Management Solutions including Thales and Venafi
Remote access and Web Proxy\CASB solutions including solutions from Zscaler
Zero Trust and Micro-segmentation solutions
Cloud and Container Posture Assessment solutions
DevSecOps Solutions for security code development, vulnerability and build processing.
Platform Integration and API management solutions
Scripting and Coding experience
Breach And Attack Simulation solutions.
Architecture and Design documentation creation and review


Qualifications and experience:


Bachelors degree in Computer Science or a related field required
5 years of experience in designing and implementing security solutions for web, mobile, and/or desktop applications with the ability to write secure software
Must be comfortable working within a cross functional team environment
Experience designing and implementing security solutions preferred


Technologies preferred:


Semanta TLP
Sailpoint Identity IQ
File access management - FIM & FAM
Zscaler
Microsoft 365 - Information Protection
Beyond Trust (Full stack solution)
EPM Cap
Unix/Linix
Sesdetta -3rd party managed system for access
Cyber Arc - Secrets Management


Quick response

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0027   Knowledge of organization's enterprise information security architecture.
  • K0037   Knowledge of Security Assessment and Authorization process.
  • K0043   Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  • K0056   Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
  • K0074   Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
  • K0180   Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • K0275   Knowledge of configuration management techniques.
  • K0007   Knowledge of authentication, authorization, and access control methods.
  • K0009   Knowledge of application vulnerabilities.
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.

Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • S0076   Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
  • S0152   Skill in translating operational requirements into protection needs (i.e., security controls).
  • S0170   Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).

Required Abilities
  • A0015  Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
  • A0038  Ability to optimize systems to meet enterprise performance requirements.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).