Compensation: $200-210k
Responsibilities:
· Work closely with Enterprise Architecture in the effective delivery of solutions
· A high-level knowledge of all key areas of Information Security Technology and an ability to apply them appropriately
· Work with other Security Architects to build security into infrastructure and architecture designs
· Provide direction and advice on projects related to security portfolio to strengthen the overall cybersecurity posture
· Assess SaaS and IaaS cloud services and virtualization technologies and provide direction and input for the maturation of the Cloud Security Framework where necessary
· Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal Audit, and Enterprise Risk to support current and future initiatives
· Keep informed of new and updated industry frameworks and regulations: GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI-IOSCO and FFIEC handbook, SABSA
· Keep informed of new and emerging security threats & assess effectiveness of current controls to identify opportunities for program improvement
· Engage with stakeholders across the organisation to develop relationships and the brand of Security Architecture
· Interface with program and project managers to ensure appropriate security architecture engagement as necessary
· Develop a strong interlock with the other security functions to support transition of projects into operation with effective governance
· Ensure appropriate quality of security architecture artefacts and engagement, and manage escalations should they arise
· Ensure appropriate interlock and attestation against security controls where appropriate
· Maintain engagement with Security Engineering and Operations for the management of vulnerabilities, risks and remediation methods
· Ability to take initiative, self-motivated to work independently to deliver against project requirements
· Assure compliance with security controls to identify control gaps, develop remediation plans and determine residual risk
· Lead by example in the engagement of Security Architecture of projects across the enterprise
· 5 years security architecture expertise with broad understanding of multiple security domains
· Ability to collaborate effectively with others to drive forward key security objectives
· Strong documentation and report writing skills (to both technical and business audiences)
· Excellent time management and organizational skills
· Knowledge of policy frameworks and understanding of policies, procedures, guideline structure
· Knowledge of firewalls, IPS, DLP, proxies, SIEM, & endpoint protection software
· Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent)
· Security certifications such as CISSP, CISA, CRISC, SABSA, GIAC, CCSP, CCSK or equivalent are preferred
· Knowledge of Risk Management life cycles based on an established framework: ISO 27001, SANS, NIST SP 800-53
· Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook, Cloud Security Alliance CCM
· Excellent verbal, written and interpersonal communication skills
· Strong service-oriented mindset to consistently deliver balanced security solutions that include people, process and technology
· Strong technical, analytical and problem-solving skills
· Self-motivated to exceed management expectations and objectives
· Ability to effectively communicate complex technical issues to both business and technical staff at all levels.
· Strong collaboration skills to tackle complex security challenges that may span across multiple internal and external departments and groups
· Able to effectively cope with change and comfortably handle risk and ambiguity
· Positive attitude in challenging situations
24-02886