About the job
Essential Function
To ensure alignment of all enterprise security capabilities to the business strategy by using multiple architectural models/views showing current and future capabilities and designing heterogeneous solutions to ensure resiliency and efficiency of the systems
Essential Qualification
Degree or equivalent Diploma in business management or information technology BSC, BCOMM, Engineering
Security qualifications such as SABSA (Sherwood Applied Business Security Architecture) or CISSP (Certified Information Systems Security Professional)
Honours, Masters, MBA
EA Framework Certification
Experience Required
Minimum of 7 years working experience in designing and constructing security architectural models with insight into stakeholder views
Minimum of 5 years' experience in information security and/or IT risk management with a focus on security, performance and reliability
Additional familiarity with the use of standard security technology solutions and processes such as: access control, user provisioning, directory, MFA, SIEM, vulnerability management, Cloud Access, Security Brokers, Data Loss prevention solutions, anti-virus, single sign on, auditing, SAST, DAST, PKI and Cryptography.
Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
Prior experience in Financial and Capital Markets prefer
Results Delivery
Develop Security Roadmaps to prioritise delivery of focus areas for the year in support of company's business strategy.
Provide input into the formalisation for the divisional budget based on business needs and costs projections.
Participate in planning sessions to formalise technology roadmaps (4-5 year view) by conducting research on latest trends and meeting with stakeholders within the company to provide direction on future requirements to ensure smooth running of the company systems across the enterprise
Apply enterprise architecture and business principles as guidelines when considering alternatives for solution planning and delivery.
Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
Identify and communicate current and emerging security threats.
Design security architecture elements to mitigate threats as they emerge
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
Create practical solutions that balance business requirements with information and cyber security requirements
Align standards, frameworks and security with overall business and technology strategy
Contribute to the creation of solutions that balance business requirements with information and cyber security requirements
Contribute in defining system security and functionality for other business system applications.
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
In conjunction with Enterprise Architect, define a discipline and approach for information assets.
Contribute to the development and maintenance of the information security strategy.
In conjunction with the Enterprise architect, ensure the effective translation of the security architecture is implemented into the solutions.
Define reference architecture for security system
Stakeholder Relationship Management
Build network of strategic company /Industry/Global relationships by utilising social media, conferences and industry specialist work groups to solicit perspectives on key initiatives.
Work with key stakeholders to articulate and affirm the implications of company's organisational IT strategies by ensuring a clear understanding of company's business goals and the impact of current and future state capabilities of the business.
Engage stakeholders in addressing concerns in order to progress and gain acceptance of various solutions and roadmaps with their peers.
Leverage vendor relationships to understand vendors' strategic plans and keep abreast of latest technologies by hosting meetings, attending seminars and training events.
Provide thought leadership and input into the business strategies and construct high level designs (concepts) that will facilitate the implementation thereof.
Ability to interact with a broad cross-section of personnel to explain and enforce security measures
Soft Skills
Exceptional communication skills (Written Verbal)
Ability to work within a team or independently
Keeps abreast of lastest technologies
Desired Skills
Judgment and Decision Making
Complex Problem Solving
Critical Thinking
Management of Personnel Resources
Social Perceptiveness
Management of Financial Resources
Time Management