Cyber Security Architect - Risk & Compliance

Cyber Security Architect - Risk and Compliance

Position Summary :

The Cyber Security Architect acts as a leader in the Information Security Department and is a technology and solution advisor with pragmatic experience in a particular security domain. The Cyber Security Architect will act in many ways as a technology consultant that can speak credibly to the security landscape, architectural models and solutions, possessing the ability to discuss and present to all layers of staff and management. The architect provides a depth of knowledge and experience in the core security domains of Endpoint/Server Systems, Mobile Technologies, Virtualization and Cloud computing.

Key Quantitative Measures/Data :

The Cyber Security Architect is expected to perform the following functions.

- The architect will provide subject matter expertise through participation in planning and development teams and as leader on solution design and deployment projects.

- The architect should be versant in solution design methodologies (e.g. Software Development Life Cycle (SDLC) type of approaches) and have the ability to generate high quality artifacts such as requirements artifacts, high level and detailed designs and deployment plans.

- Hands on experience in building the security patterns and support the Information Security Architecture reviews and providing feedbacks.

- Recommend implementation standards and design patterns that support information security and regulatory compliance objectives.

- Display pragmatism in balancing the implementation of security controls, taking into account business risk.

- Remains current on regulatory requirements, industry standards, data security frameworks and best practices.

- Act as an evangelist for Information Security

- Be familiar with delivering architecture artifacts such as: Solution architectures, Blueprints, Roadmaps and Vendor Evaluation/ RFP's.

- Lead ongoing process and policy improvement efforts.

- Provide mentoring to less experienced members of the team.

- Formally and informally interact with clients and stakeholders to address concerns and requests with regard to application security policies, mechanisms and safeguards.

Key Performance Indicator :

- Major Tasks Participates in the development of the Cyber Security function and provide security architectural consulting.

- IT Architecture and knowledge of concepts, philosophies and tools behind the design of applications, information and underlying information technologies.

- Familiar with established frameworks and methodologies (i.e. TOGAF and SABSA). - Knowledge of risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies.

- Excellent presentation skills with the ability to present to technical, management and business stakeholders.

- Ability to encourage, motivate and guide individuals and teams around security requirements and integration capabilities.

- Conducts project meetings to update stakeholders of current program status.

- Show innovation by driving changes to improve information security maturity.

- Participate in a team environment in order to deliver a seamless service.

- Actively engage the team in Information Security.

- Attend and actively participate in team meetings.

- Participate in training and personal development courses.

- Engage peers to leverage best practices and share knowledge. Manage service processes and procedures.

- Support Information Security activities.

- Review Information Security process documentation on a regular basis.

- Ensure delivery of services to applicable standards, policies and regulations.

Problem Solving :

The Cyber Security Architect will present the following challenges an adequate response to which will require some of the following aptitudes. :

- Interface with the Global Information Technology team, Risk & Compliance team members and Business stakeholders.

- Requires the ability to respond proactively within the scope of a global, fast-moving corporation.

- Manage escalations, incidents, and complex problems.

- Requires the ability to judge the gravity of a situation and an awareness as to what one can to, personally to bring it to resolution, as well as when to seek assistance.

- Maintain professionalism, solution focus, and loyalty to R&C and the larger objectives

- Requires the ability to distinguish between client interests and interests and, knowing the distinction, to act in keeping with best interests.

- Maintain a positive attitude and provide an example of model behaviours to junior staff, particularly those in R&C function o Requires the ability to maintain a perspective on events, understanding service provision is a field that is rife with highs and lows.

Qualifications and Experience Required :

- Education Degree in IT preferred

- Professional Qualifications - Certification within the core discipline(s) and architectural approach. - Certification within the broader security field (ISC2, SANS/GIAC, ISACA)

Experience :

Desirable :

- 5-7 years of information security architectural experience.

- Drive the alignment and development of the Security Architecture roadmap that integrates and aggregates all of the solutions for business applications and technology infrastructure.

- Provide highly specialized Information Security architectural consulting around Security across numerous initiatives and lines of businesses.

- Demonstrated ability to clearly communicate complex ideas verbally and in writing

- Excellent troubleshooting, problem solving, and analytical skills