Ops Specialist: Information Security Architect at Telkom

Core Description

Under limited supervision, develop an architecture framework that will enable Telkom to anticipate possible security threats and identify areas of weakness in a network system while responding effectively and promptly to possible breaches of security. Develop technology standards and architecture and acquisition or management plans. Draft Security Architecture documents for specific projects or programs clearly articulating goals, constraints, and rationale for architecturally significant decisions. Conduct security architecture reviews periodically to evaluate and address security standards adherence. Updates job knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, and participating in professional organisations. Provides support and consultancy with respect to risk management practices and concerns within IT and business architectures, applications, changes, solutions and operational processes.

Job Responsibilities

• Create reference architecture covering network segmentations, software-defined perimeter, certificate management, identity, and access management, managing privilege accesses, application integration.
• Prepare and maintain technical design documentation, diagrams and other architectural artefacts.
• In addition to the core architectural skillset, the ideal candidate will be keen to maintain a low-level understanding of how technology works, be comfortable having administrative systems access, and be confident assisting engineering teams to troubleshoot issues across complex distributed systems.
• Contribute to the development of solution architectures in specific business, infrastructure or functional areas.
• Identify and evaluate alternative architectures and the trade-offs in cost, performance and scalability.
• Produces specifications of cloud-based or on-premises components, tiers and interfaces, for translation into detailed designs using selected services and products.
• Creates multiple design views to address the concerns of the different stakeholders of the architecture and to handle both functional and non-functional requirements, including proof of concept (POC).
• Ensure Enterprise Security Architecture aligns with business requirements and risks.
• Advise and recommend Technical Security direction in support of Enterprise Security Architecture Define
• Assess and Communicate Information Security elements within Business and IT Architecture Information Security input to Business cases and projects.
• Ensure Information Security Architecture requirements are met within all systems and processes.

Competencies

• Acting Decisively
• Managing Risk
• Sharing Information
• Testing and Troubleshooting

Core Competencies

FUNCTIONAL KNOWLEDGE

• Cybersecurity and Data Privacy;
• Some experience in Security Architecture, with the ability to define security blueprints, define threat models, and assess solutions, define security principles and security standards;
• Some knowledge and application of risk assessments, security architecture reviews, definition of reference architecture, application of Info security practices and technologies;
• A high level of learning agility to keep up with ever-changing business needs architecture changes, vendor/ supplier offerings and service changes

FUNCTIONAL SKILLS

• Security design and architecture expertise across the development lifecycle utilising agile methods; Good people skills; Able to work and manage own time independently; Ability to translate business requirements into technical objectives for development teams

COMPETENCIES (BEHAVIOUR)

• Analysis; Strong communication skills; Enabling and informing risk-based decisions; Research and innovation; Specific security technology and understanding; Understanding security implications of transformation; Produce reports; Experience working in an agile development environment

Education

• NQF 6: 3 year Diploma/ National Diploma

Experience

• 3 Years relevant experience

Certifications

• TOGAF
• SABSA
• A security industry certification is preferred including but not limited to CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and Security+.

Special Requirements

• Ability to work outside of normal working hours

Physical Requirements

• None

Key Stakeholders

Additional Information

Certification, Qualifications and Experience:

• Optional certification: CoBIT, CISA, ITIL
• Degree or Diploma in IT or Information Security.
• Practical experience in IT or Information Security, of which two years must include an enterprise architecture or Information Security role. Alternatively, 1 to 3 years’ experience, with a combination of experience across End User Computing, Infrastructure and Cloud.