Security Architect at Penta Consulting

Job Location – South Africa - Sandton

Start – ASAP

Duration – 12 Month Contract

Rate – To be Discussed

Job Description

Requirements:

• Develops and manages security architecture for multiple IT functional areas (e.g., applications, systems, network and/or Web) across the company.
• Determine security architecture requirements by evaluating business strategies to mitigate emerging security threats.
• Identify security design gaps in existing and proposed architectures and recommend changes and enhancements.
• Possess strong / experienced application development and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post production and the different risk elements associated with each step.
• Align security standards, frameworks and security with overall business and technology strategy.
• In conjunction with the Enterprise Architect, ensure the effective translation of the security architecture implemented into the solutions.
• Build vulnerability management capabilities into the current architecture.
• Collaborates with operations to develop requirements at network architecture layer.
• Develops and manages security architectures for Mobile and Web Application.
• Provides expert consultancy in the development of programs in line with budget allocation.
• Provides strategic and tactical direction and consultation on information security and compliance.
• Identifies and resolves root causes of security-related problems.
• Consults on teams to resolve issues that are identified by various internal and third party monitoring tools.
• Implements security improvements by assessing current situation, evaluating trends, anticipating requirements.
•  

Experience:

• 10+ Years IT Experience
• 10+ Years’ experience in Information Security and Risk Management
• 7+ Years working experience in designing and constructing security architecture
• Experience with the use of standard security technology such as IAM, SIEM, Threat and Vulnerability Management, DLP, Cryptography
• 4+ Application Security experience
•  

Knoweledge:

• Strong technical knowledge of infrastructure, Operating Systems, third party software architecture and how it affects IT security and business needs.
• Cloud Security - IAM, NSG, ASG, ID Federation, VPN’s, IPSec
• Cloud Security - Policies, controls, procedures and technologies
• WAF Implementations
• OWASP top 10 mitigation approaches – Service based environments e.g. REST
• Mastery of Linux/Mac/Windows operating systems
• Network/Wireless Penetration Testing
• Ability to understand and modify code in a diverse range of programming languages and frameworks - OO Programming concepts
• Proficiency in cryptographic protocols and cipher suites
• Source code reviews.
• Familiarity with penetration testing methodology and standards
• Deep understanding of Secure SDLC