Cybersecurity Architect

Position Highlights

The Architect – Cyber Security & Risk plays an integral role in defining and assessing security strategy, architecture, and practices.

He will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

He will be expected to advocate for security requirements and objectives, while ensuring they do not impede the needs of the business. He will serve as a technical sounding board for the CISO's interaction with other line-of-business.

Main responsibilities:

• Architecture strategy, planning and delivery

Contribute to cyber security strategy plans and roadmaps definition
Define cyber security blueprint and policies in a cloud first environment (mainly Azure)
Design and implement security architecture to mitigate current and future threats.
Assist in developing a disaster recovery and business continuity plan.
Determine and implement baseline security configuration standards for IT infrastructure and applications
Support the security architecture process development & maintenance.
Document security requirements and controls for protecting information, systems, and technology assets
Review security technologies, tools and services, and makes recommendations for their use
Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs, SIEM and anti-malware/endpoint protection systems
Support identification of sensitive information data flow and recommend controls to ensure that this data is adequately secured
Review network segmentation to ensure least privilege for network access

• Cybersecurity assurance & advocacy

Perform security assessments, identify gaps in existing architecture, and recommend improvements.
Conduct and facilitate risk assessments / threat modelling for new technologies and projects.
Liaise with the vendors team to conduct security assessments of existing and prospective vendors
Evaluate and provide input to the statements of work (SOWs) to ensure that adequate security protections are in place.
Support the testing and validation of internal security controls.
Liaise with other infrastructure / application architects, solution manager and other IT roles to share best practices and insights
Coordinate with DevOps and cloud teams to advocate secure practices

Main requirements:

At least 8 years working experience in corporate IT teams / environments
A minimum of 5 years in an information security role
Proven track record in supporting design for multiple large-scale system implementation projects
Experience and desire to work in a global environment
Experience with cloud environment and Microsoft security stack
Project management experience will be considered a plus
CISSP, CISA, TOGAF, SABSA or other industry certifications will be considered a plus
Preferred qualification: Master’s degree in computer science
 
IT Skills

Strong Cybersecurity knowledge
Microsoft cloud and security solution (Azure, M365 E5 security)
Familiarity with NIST cybersecurity framework and CIS controls
Understanding of data protection / privacy regulation and strategies
Security Analytics / Automation
Enterprise security document and policy creation.
Knowledge of End point protection, Identity and access management solutions