Senior Information Security Architect at PPS

Education:

• A Bachelor’s degree in information technology/systems, computer science, computer/electronic engineering or related field.

Experience:

• Twelve years’ information technology experience, of which six years must be in information security and three years must be in information security architecture;
• Experience in interpreting and understanding an organisation’s legislative, technical and business environment;
• Experience in designing and implementing an enterprise information security architecture;

Security, Risk and Governance

• Experience in reviewing of and incorporating information security controls and capabilities 
• into various architectures and designs;
• Experience in implementing international information security standards and best 
• practice such as the ISO 27000 series and NIST Framework;
• Experience in a broad range of information security domains, as well as technical 
• experience in various information security technologies and their associated capabilities;
• Experience with presenting information security concepts and ideas in a non-technical 
• business-friendly language appropriate to the target audience.

Knowledge and Skills:

• Knowledge of IT Security and Risk Management frameworks, policies, standards and technologies – ISO27001/2
• Malware Management Knowledge.
• Vulnerability and Patch Management
• OS/Application VM Knowledge
• Web monitoring solutions
• Data leakage on end points
• Virtual server protection
• Database monitoring
• Desktop Firewall and IPS solutions
• EDR Solutions
• Network security architecture
• Clould security

Key Competencies, duties and responsibilities:

• Direct, develop, maintain and implement a PPS-wide enterprise information security architecture, as well as supporting information security capabilities and controls, in support of and aligned to the business, regulatory and technical context.
• Develop metrics and measurements to determine the maturity and effectiveness of the information security strategy and architecture execution within the PPS
• Develop and manage the application of information security architectural principles within solution architectures and designs in order to reduce risk and drive adoption of and adherence to the information security strategy and governance;
• Anticipate the impact of the latest ICT and information security trends and technology changes on the PPS, and ensure that the PPS enterprise information security architecture is evolved, and affected through the information security program;
• Provide insight into and strategic recommendations for the information security aspects of the PPS ICT strategy and any new ICT trends;
• Participate in, actively influence and contribute to business and ICT planning initiatives in order to ensure appropriate alignment with the information security strategy and consideration for information security requirements and controls;
• Conduct in-depth information security reviews and assessments of new and/or existing systems, applications and/or programs and design solutions or recommendations for the remediation or mitigation of risks or insecure design;
• Collaborate with and provide authoritative advice and expertise to various key stakeholders, as well as solicit their requirements and involvement in achieving higher levels of enterprise information security;
• Collaborate with and provide authoritative advice and expertise to the enterprise and solutions architects and ensure information security requirements and controls have been incorporated into the PPS enterprise architecture, as well as new and/or revised architectures and designs