IT Security Architect

The IT Security architect is responsible for designing security controls into solutions and services which are being introduced to the company. They are additionally required to identify potential control gaps and assess & describe any associated risk.

Job Responsibilities

• Design security controls for proposed solutions to meet relevant IT Security policies, standards and guidelines, as well as Enterprise Security Requirements, regulatory, legislative, scheme and application specific requirements;
• Participate in solution architecture & design activities, creating security solutions and security controls for different projects;
• Provide design-time assessments and guidance to teams building and deploying new technology;
• Assess and advise of security risks identified, and propose appropriate;
• Participate in security activities assisting with the integration and initial implementation of solutions;
• Assess existing and proposed architectures, identify security design gaps, and recommend changes or enhancements to meet security control objective’s;
• Continuously monitor and improve the security posture of the company as part of the Security Architecture team;
• Identify and communicate new security threats, and design Security Architecture elements to mitigate threats as they emerge;
• Serve as the Security Subject Matter Expert within the company, and provide advisory and consulting services to other teams as needed; and
• Stay abreast of new security technologies and integrate into security architecture design when appropriate.

Management Support

• Support Management with the embedding of IT Security culture and behaviours into the Group.
• Provide positive and proactive participation within the team and active collaboration with colleagues across the Group as appropriate.

Experience Required

• Minimum of CISSP or recognised equivalent (GIAC GSEC);
• Good technical knowledge of network protocols and related technologies, and a variety of platforms;
• Experience across a number of relevant IT Security & general IT disciplines;
• Strong knowledge of IT Security best practice;
• 5+ years working in an IT Security discipline, with experience in security Architecture and Design.
• Experience in DevOps methodologies and practices;
• Cloud infrastructure security including AWS & Azure;
• Using Market / Technical Knowledge (level 3);
• Communicating (level 3);
• Influencing (level 2);
• Building understanding and trust (level 2);
• Obtaining information (level 3);
• Being innovative (level 2).

Essential and Desirable Skills

• ISSAP, SABSA, TOGAF, or other security architecture qualification preferred;
• Experience in security design for continuous integration pipelines in enterprise environment;
• 3rd Level qualification in IT is preferred;
• Knowledge of information security and risk control frameworks such as COBiT, ISO 27001, ISO 27002;
• Knowledge of PCI DSS, GDPR, PSD2;
• Experienced in security design for VMware, Openstack;
• Experience of working with an agile development