Job Description

About the job
Description


A position has opened for a Security Architect with solid experience with various relevant Physical and Information Security capabilities and approaches. You must have at least 8 years’ experience in requirements or risk analysis, security architecture, design, enterprise architecture or solutions architecture, with at least 3 years lead role.


Required


BSc Computer Science or relevant industry qualification


TOGAF 9.1 Certification.


SABSA Certification


CISSP-ISSAP


GSE certified


CGEIT certified

Quick response

Required Knowledge

• K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
• K0004   Knowledge of cybersecurity and privacy principles.
• K0005   Knowledge of cyber threats an`d vulnerabilities.
• K0027   Knowledge of organization's enterprise information security architecture.
• K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
• K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• K0291   Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
• K0293   Knowledge of integrating the organization’s goals and objectives into the architecture.
• K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
• K0333   Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
• K0487   Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
• K0516   Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
• K0565   Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Required Skills

• S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• S0122   Skill in the use of design methods.
• S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• S0059   Skill in using Virtual Private Network (VPN) devices and encryption.
• S0076   Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
• S0168   Skill in setting up physical or logical sub-networks that separate an internal local area network (LAN) from other untrusted networks.
• S0170   Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).

Required Abilities

• A0008  Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
• A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
• A0038  Ability to optimize systems to meet enterprise performance requirements.
• A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• A0172  Ability to set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks.
• A0049  Ability to apply secure system design tools, methods and techniques.