Security Architect
  • South Africa Johannesburg
  • iOCO
1 year before
31.12.2023
Securely Provision
Systems Architecture
Job Description

About the job
Essential Function

To ensure alignment of all enterprise security capabilities to the business strategy by using multiple architectural models/views showing current and future capabilities and designing heterogeneous solutions to ensure resiliency and efficiency of the systems

Essential Qualification

Degree or equivalent Diploma in business management or information technology BSC, BCOMM, Engineering
Security qualifications such as SABSA (Sherwood Applied Business Security Architecture) or CISSP (Certified Information Systems Security Professional)
Honours, Masters, MBA
EA Framework Certification

Experience Required

Minimum of 7 years working experience in designing and constructing security architectural models with insight into stakeholder views
Minimum of 5 years' experience in information security and/or IT risk management with a focus on security, performance and reliability
Additional familiarity with the use of standard security technology solutions and processes such as: access control, user provisioning, directory, MFA, SIEM, vulnerability management, Cloud Access, Security Brokers, Data Loss prevention solutions, anti-virus, single sign on, auditing, SAST, DAST, PKI and Cryptography.
Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
Prior experience in Financial and Capital Markets prefer

Results Delivery

Develop Security Roadmaps to prioritise delivery of focus areas for the year in support of company's business strategy.
Provide input into the formalisation for the divisional budget based on business needs and costs projections.
Participate in planning sessions to formalise technology roadmaps (4-5 year view) by conducting research on latest trends and meeting with stakeholders within the company to provide direction on future requirements to ensure smooth running of the company systems across the enterprise
Apply enterprise architecture and business principles as guidelines when considering alternatives for solution planning and delivery.
Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
Identify and communicate current and emerging security threats.
Design security architecture elements to mitigate threats as they emerge
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
Create practical solutions that balance business requirements with information and cyber security requirements
Align standards, frameworks and security with overall business and technology strategy
Contribute to the creation of solutions that balance business requirements with information and cyber security requirements
Contribute in defining system security and functionality for other business system applications.
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
In conjunction with Enterprise Architect, define a discipline and approach for information assets.
Contribute to the development and maintenance of the information security strategy.
In conjunction with the Enterprise architect, ensure the effective translation of the security architecture is implemented into the solutions.
Define reference architecture for security system

Stakeholder Relationship Management

Build network of strategic company /Industry/Global relationships by utilising social media, conferences and industry specialist work groups to solicit perspectives on key initiatives.
Work with key stakeholders to articulate and affirm the implications of company's organisational IT strategies by ensuring a clear understanding of company's business goals and the impact of current and future state capabilities of the business.
Engage stakeholders in addressing concerns in order to progress and gain acceptance of various solutions and roadmaps with their peers.
Leverage vendor relationships to understand vendors' strategic plans and keep abreast of latest technologies by hosting meetings, attending seminars and training events.
Provide thought leadership and input into the business strategies and construct high level designs (concepts) that will facilitate the implementation thereof.
Ability to interact with a broad cross-section of personnel to explain and enforce security measures

Soft Skills

Exceptional communication skills (Written Verbal)
Ability to work within a team or independently
Keeps abreast of lastest technologies

Desired Skills

Judgment and Decision Making
Complex Problem Solving
Critical Thinking
Management of Personnel Resources
Social Perceptiveness
Management of Financial Resources
Time Management


Quick response

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0180   Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • K0214   Knowledge of the Risk Management Framework Assessment Methodology.
  • K0264   Knowledge of program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0333   Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
  • K0487   Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0008   Knowledge of applicable business processes and operations of customer organizations.
  • K0010   Knowledge of communication methods, principles, and concepts that support the network infrastructure.
  • K0565   Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • S0022   Skill in designing countermeasures to identified security risks.

Required Abilities
  • A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
  • A0038  Ability to optimize systems to meet enterprise performance requirements.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • A0061  Ability to design architectures and frameworks.