Cybersecurity Architect

About the Role

We are looking for a very experienced Cybersecurity Architect who will join our Modis family and will support the cyber security function in one of our key clients.

Cyber Security & Risk plays an integral role in defining and assessing security strategy, architecture, and practices.

You will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services. 

Day-to-day Responsibilities

Architecture strategy, planning and delivery

• Contribute to cyber security strategy plans and roadmaps definition
• Define cyber security blueprint and policies in a cloud first environment (mainly Azure)
• Design and implement security architecture to mitigate current and future threats.
• Assist in developing a disaster recovery and business continuity plan.
• Determine and implement baseline security configuration standards for IT infrastructure and applications
• Support the security architecture process development & maintenance.
• Document security requirements and controls for protecting information, systems, and technology assets
• Review security technologies, tools and services, and makes recommendations for their use
• Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs, SIEM and anti-malware/endpoint protection systems
• Support identification of sensitive information data flow and recommend controls to ensure that this data is adequately secured

Cybersecurity assurance & advocacy

• Perform security assessments, identify gaps in existing architecture, and recommend improvements. 
• Conduct and facilitate risk assessments / threat modelling for new technologies and projects.
• Liaise with the vendors team to conduct security assessments of existing and prospective vendors
• Evaluate and provide input to the statements of work (SOWs) to ensure that adequate security protections are in place. 
• Support the testing and validation of internal security controls.
• Liaise with other infrastructure / application architects, solution manager and other IT roles to share best practices and insights
• Coordinate with DevOps and cloud teams to advocate secure practices

Crucial Criteria:

• At least 8 years working experience in corporate IT teams / environments 
• A minimum of 5 years in an information security role
• Proven track record in supporting design for multiple large-scale system implementation projects 
• Experience and desire to work in a global environment 
• Experience with cloud environment and Microsoft security stack
• Project management experience
• Preferred qualification: Master’s degree in computer science
• One or more security certification such as:
• (ISC)2 CISSP
• Microsoft Certified Systems Engineer: Security
• SABSA

Nice-to-have:

• Strong Cybersecurity knowledge
• Microsoft cloud and security solution (Azure, M365 E5 security)
• Familiarity with NIST cybersecurity framework and CIS controls
• Understanding of data protection / privacy regulation and strategies
• Security Analytics / Automation
• Enterprise security document and policy creation.
• Knowledge of End point protection, Identity and access management solutions