Job Description

Our Client is looking for a Cybersecurity Manager: Architecture & Engineering leader to take responsibility for cybersecurity architecture and engineering across South Africa. This role leads a small technical team that designs, maintains and enhances the security technology stack with a zero-trust philosophy, supporting the key principles of xe2x80x98security by design and default, and leverages modern technology and AI capabilities. This function enables security and technology teams through both change and operations.Skills and ExperienceWhat youll do:People

• Enhancing cyber intellectual capital: Leadership and management of the cybersecurity architecture and engineering team covering talent development and performance management.
• Building culture and teaming: Management of internal partnerships for execution, including context setting, skills transfer, and up-skilling.
• Management of key external security partner and service relationships.

Process - Architecture

• Maintain the cybersecurity architecture covering the current and future technology landscape. Identify solutions to enhance our architecture (e.g. improve visibility, reduce noise, automate or consolidate).
• Contribute to Business Case formulation with the relevant security input advisory, standards and security patterns.
• Support proactive threat modelling with other cyber and technology stakeholders.
• Own cybersecurity Enterprise Architecture (EA) principles and drive adoption through EA and across the business.
• Make security architectural information easily accessible and self-service to support scale, speed and security by design.
• Proactively identify security design gaps in existing and proposed architectures and provide required changes or enhancements. Document these as relevant for re-use.
• Remain aware of global security industry trends and translate these into meaningful contributions to the cybersecurity strategy, principles and ways of working.
• Process Security Engineering
• Take responsibility for the cybersecurity technology landscape.
• Lead a small team of engineers to improve cyber technology in support of the SOC and Business Enablement capabilities with a focus on continual identification of threats and validation of controls, and in support of key principles such as visibility, coverage and quality.
• Enhance technology solutions to automate and streamline operations.
• Take responsibility for the infrastructure of identified cybersecurity tools maintain, enhance, secure and upgrade where relevant.
• Work with the SOC to configure (including coding and scripting) SOC tools and alerts.
• Process - Both
• Contribute to the ongoing maintenance and enhancement of Cyber and Information Security Policies, Standards, Procedures and Guidelines.
• Manage forecasts and budgets.

Customer

• Understand Cyber, IT and Business strategies and contribute to the creation and delivery of the annual cybersecurity roadmap and execution with a specific focus on security architecture and engineering disciplines.
• Plan and prioritize projects and workload to deliver to the roadmap.
• Provide updates, context and feedback to relevant stakeholders.

Your expertise:

• 12+ years relevant experience in the cyber and information security discipline.
• 5+ years experience in security engineering.
• 2+ years experience in security architecture.
• 2+ years experience in people leadership.
• Demonstrable experience in leading a specialised cybersecurity team within a large environment.
• Experience with security operations tools, frameworks, practices, and processes.
• Resiliency, determination, and pragmatism.
• May be required to assist outside of working hours.

OtherAdditional criteria:

• Experience in programming and scripting is highly advantageous.
• Experience in building and maturing SOC capabilities is advantageous.
• Experience in cloud security architecture and technologies.
• Experience with automation and ML/AI capabilities.
• Practical experience with adversarial frameworks such as MITRE ATT&CK.
• Working knowledge of PCI-DSS.

Qualifications required:

• 4-year IT qualification.
• Industry certifications (e.g. Palo, Google, AWS, Qualys).

Key CompetenciesTechnical acumen

• Makes sound technical decisions based on understanding of what is commercially achievable within technological constraints.
• Evaluates the applicability of solutions with the ability to challenge and qualify its suitability for the business.
• Leverages research on technology-related concepts, trends and best practices to provide guidance on IT roadmap.
• Set technical policies and procedures to support IT stability and success aligned to evolving technologies and methodologies.

Business & commercial acumen

• Responsive to external influences (positive or negative) on the organisation.
• Understands what is commercially achievable and makes sound business decisions.
• Supports the development of business acumen of team through knowledge sharing and upskilling.
• Maintains advanced knowledge of business operations and organisational metrics and trends.

Analytical thinking

• Effectively applies substantial in-depth analysis in order to determine and meet requirements.
• Quickly identifies key issues, stakeholders and viewpoints in a complex situation or problem.
• Finds ways to condense large amounts of information into a useful form.
• Anticipates the consequences of situations and proactively works to overcome potential obstacles.
• Asks perceptive, probing questions to get to the heart of the matter.

Results orientation

• Plans and ensures implementation of activities/projects identified in business strategy.
• Maintains a keen awareness of the interrelationships among various components of large-scale activities/projects.
• Allocates time and resources as required when faced with multiple demands and competing priorities.
• Considers the financial implications before finalising activity/project plans.
• Actively monitors resource allocation and utilisation and makes adjustments as necessary.

Other information applicable to the opportunity:

• Permanent Position
• Location: Cape Town
• Environment: Hybrid - 4 days in the Office and Fridays at Home. However, it can change depending on work load or agreements between Employee and Line Manager.

iOCO