The role of the contract IT Security Technical Lead is to be a hands on lead during design and implementation of security controls. Reporting to the program manager, this role requires hands on security engineering and solution design experience to review, interpret, document and validate security requirements for multiple projects.
The main responsibilities will include:
- Capture business requirements and translate into technical solutions
- Proactively identify security risks/trends and drive the transformation roadmap
- Develop technical security design specifications, engineering and integration specifications, standards, and implementation of applicable technology architectures to mitigate risks to the company's information assets
- Conduct security risk assessment on existing and proposed solutions in line with ICT Security Risk Management procedures
- Perform vulnerability risk reviews using DREAD/STRIDE model
- Proactively manage applications, infrastructure security & network risks, ensuring security infrastructure aligns with company's compliance requirements
- Review software solutions under development to ensure compliance with the enterprise security architecture.
Skills & Experience:
- Minimum of 8+ years hands on security architecture/design, engineering and deployment experience
- Preferred security certifications are: SABSA, CISM, CISSP or SANS
- Ability to work effectively with limited supervision on multiple concurrent projects.
- Demonstrated analytical, conceptual and problem solving skills, including the ability to develop original concepts and solutions to ensure enterprise information security architecture and information assurance.
- Demonstrated comprehensive understanding of the principles of secure data communication and encryption technology, together with a practical understanding of security methodologies and their application
- Demonstrated experience producing security architecture in an enterprise environment
- Demonstrated deep technical expertise in a broad spectrum of technology areas e.g. ICT infrastructure, networks, operating systems, virtualisation, cloud computing, etc.
- Demonstrated highly developed interpersonal, consultative and negotiation skills and the ability to build and maintain positive working relationships.
- Experience in the application of ICT risk assessment processes for complex systems
- Understanding of Business Impact Assessment and Threat Risk Assessment concepts and processes.
To indicate your interest please apply via the link or call Eugene on 94094710 for a detailed and confidential discussion