Job Description

Key responsibilities include:
Leading and contributing to the security posture of SC networks and systems, data centre infrastructures, cloud architectures and solutions.
Developing, contributing and management of security architecture specifications, security architecture analysis, threat-modelling, security requirements, security standards and design patterns, reference architectures, security strategies and roadmaps.
Applying security design principles to develop security architectures.
Providing strategic points of view for security solutions and security industry events
Driving security technology evaluations and proof-of-concepts.
Managing lifecycle of security technologies.
Working closely with the other technology architects to ensure that security is properly embedded in their technology domain architectures.
Evaluating and assessing risk as part of application and system lifecycle management.
Advising leadership on Cybersecurity issues, systems, processes, products, and services.
Maintaining oversight of the design and implementation of IT/business systems to ensure appropriate and effective security controls are included.

Requirement
Minimum 5 years of experience as an information security architect
Experience in cybersecurity architecture and designing on networks, data centre systems, cloud infrastructure and platforms (IaaS security, PaaS security).
Experience in threat-modelling of complex systems.
Experience in delivering comprehensive architecture specifications for security solutions.
Experience with creating technical documentation, product documentation, technology and systems/network architecture and technical security standards.
Experience working with security technologies, such as Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content Filtering, Cloud Security gateways,
Experience in speaking authoritatively to security principles in areas such as network, systems, virtualization, cloud technologies, access control and cryptography
Experience integrating multiple vendor products.
Experience and understanding of technology and enterprise security

Good to have
Certifications in any of the CISSP, SABSA, TOGAF, Aglie (SAFe) or GIAC DSA
Knowledge of any relevant industry principles, best practices and standards such as NIST, ISO, CIS, OWASP, MITRE or CSA-CCM.
Knowledge of any security standards and security controls such as:
ISO 27002 (International Organisation for Standardization code of practice for Information Security Controls)NIST CSF (National Institute of Standards and Technology - Cybersecurity Framework)PCI/DSS (Payment Card Industry Data Security Standard)COBIT 5 (Control Objective for Information and Related Technologies)CIS 7.1 (Center for Internet Security - Critical Security Controls v7.1 ? v8.0 is also available now)NIST 800-171 (National Institute of Standards and Technology Special Publication 800-171)CMMC (Cybersecurity Maturity Model Certification)