Back
Jul 28, 2021

IT Security Architect

  • Old Mutual
  • Pinelands, Western Cape, South Africa
Full time Information Technology

Job Description

Job Description

This role requires specialized security knowledge and experience from a people, process and technology perspective to direct decisions and provides direction on information security matters across more than one of the application, infrastructure, data and integration architectural domains. This role defines, assesses and advises adherence to architectural standards for the information security domain-specific development, deployment and management of application, information, communication and technology infrastructure. The incumbent is individually accountable for achieving results through own efforts, for periods of up to 1 year.
Documenting and understanding cross-functional business requirements in regard to information security, legal-regulatory compliance and risk management.

Documenting security solution architectures for defined Security-specific initiatives ensuring alliance to defined Enterprise and specifically Security Architecture Principles.

Ensure the delivery & implementation of the solution to ensure the solution is deployed according to the architecture designs, security controls as well as compliance with the IT and Business strategies.

Ensuring that the Information Security Policies and Standards are enforced and adhered to.

Educating and assisting business units within the Group with specific security domain architectures and architectural principles.

Able to drive technology choices and decisions through necessary governance processes and forums

Participating in any security reviews arising from security breaches and instigating remedial actions.

Ensuring that the confidentiality, integrity and availability of the security services designed are maintainable at the levels agreed in the S/OLAs and that they conform to all relevant statutory requirements.

Designing new and/or reviewing existing security controls within the specific security domain.

Maintaining a set of security controls and documentation within the specific security domain, and regular reviewing and auditing these security controls and procedures.

Developing and documenting procedures for operating and maintaining security controls.

Acting as a focal point for all security-related issues within the specific security domain should the need arise.

Key Result Areas:

IT Architecture

Documenting and understanding cross-functional business requirements in regard to information security, legal-regulatory compliance and risk management.

Documenting security solution architectures for defined Security-specific initiatives ensuring alliance to defined Enterprise and specifically Security Architecture Principles.

Ensure the delivery & implementation of the solution to ensure the solution is deployed according to the architecture designs, security controls as well as compliance with the IT and Business strategies.

Ensuring that the Information Security Policies and Standards are enforced and adhered to.

Contributing to the Information Security Policy, and developing and maintaining a supporting set of specific technical policies and standards, ensuring appropriate authorization, commitment and endorsement from IT and business management stakeholders.

Educating and assisting business units within the Group with specific security domain architectures and architectural principles.

Able to drive technology choices and decisions through necessary governance processes and forums

Participating in any security reviews arising from security breaches and instigating remedial actions.

Ensuring that the confidentiality, integrity and availability of the security services designed are maintainable at the levels agreed in the S/OLAs and that they conform to all relevant statutory requirements.

Designing new and/or reviewing existing security controls within the specific security domain.

Maintaining a set of security controls and documentation within the specific security domain, and regular reviewing and auditing these security controls and procedures.

Developing and documenting procedures for operating and maintaining security controls.

Acting as a focal point for all security-related issues within the specific security domain should the need arise.

Personal Effectiveness

Accepts and lives the company values

Accountable for service delivery through own efforts

Collaborates effectively with others to achieve personal results

Individually accountable for managing own time, tasks and output quality for periods of 3 months to 1 year

Makes increased contributions by broadening individual skills

Plans work load vs. work demand for project team members

Attention To Detail

Good communication across all levels

Sense of urgency

People Management experience advantageous

Support

Maintaining a set of security controls and documentation, and regular reviewing and auditing all security controls and procedures.

Assisting in identifying and classifying IT and Information assets (Systems and Data) and the level of control and protection required.

Developing and documenting procedures for operating and maintaining security controls.

Role Requirements:

3 year Degree in Information Technology from a recognized tertiary institution

CISSP Certification will be advantageous

Identity and Access Management & Privileged Access Management Technology Certifications will be advantageous

ITIL Certification will be advantageous

3-5 years’ experience in the security management and security architecture and/or design arena

Understanding of various technologies in the applications, data and integration arenas with specific knowledge of cryptography and other security aspects thereof.

Understanding of various technologies including firewalls, intrusion prevention, routing, switching, UNIX and windows servers as well as virtual environments and storage technologies and the security aspects thereof.

Knowledge of Security Management principles.

1-3 years’ experience with Leadership and Project Management skills.

Ability to work with cross-functional teams of global operations, system integrators, testers, developers, designers and architects.

Demonstrated experience in moving projects from initiation through to deployment and operations.

Understanding of Agile, SDLC, ITIL concepts and processes.

Technical knowledge in design and deployment of Identity and Access Management & Privileged Access Management solutions. Preferably SailPoint and Beyond Trust.

Detail level (in-depth) Identity and Access, Application and integration layer Security knowledge.

Skills

Education


Apply Now