Description:
ResponsibilitiesDevelop and maintain enterprise-level security architectures, blueprints, and reference models aligned with business goals and ICT strategies. Define and enforce security standards, principles, and patterns across infrastructure, applications, cloud, and integration layers. Review solution and technical architectures to ensure adherence to security principles and best practices. Conduct threat modelling and security impact assessments for new and existing solutions. Provide security design guidance and patterns to project teams to ensure consistent and secure solution delivery. Identify, assess, and mitigate security risks across systems and projects. Ensure compliance with regulatory frameworks (POPIA, ISO 27001, NIST, CIS Controls). Conduct security impact assessments and provide recommendations for remediation. Support internal and external audits by providing security evidence, remediation actions, and architecture assurance. Define and review security controls for all applications and systems, including APIs, data exchanges, cloud deployments, and integrations. Identify security gaps in solution designs and provide actionable recommendations for remediation. Develop and maintain enterprise architecture security policies, procedures, and guidelines. Support audit and assurance activities through documentation and evidence of security compliance. Evaluate emerging technologies and recommend secure adoption strategies. Drive implementation of Zero Trust, IAM, DLP, and encryption frameworks. Support security automation and continuous monitoring initiatives.
Requirements
Bachelor's (NQF7) degree in ICT (Computer Science, Information Systems, Technology and Engineering) or related field. Industry certifications required (TOGAF, CISSP, SABSA Foundation-Security Architecture) 8+ years in Information Security, with at least 5 years in a Security Architecture role. Proven experience in cloud security architecture (Azure, Microsoft), including secure landing zones, cloud-native security services, identity models, network segmentation, and workload protection. Advantageous Qualification: A relevant postgraduate degree (PGDip in Cybersecurity, MSc in Information Security, or PGDip in Information Systems/Informatics)
23 Jan 2026;
from:
gumtree.co.za