Solution Architect – Cyber Security at Pick n Pay Stores Limited

Location - Country

South Africa

Job Advert Summary

The successful candidate will be responsible for defining the strategy, principles and roadmaps across multiple areas of the company technoloy landscape. Collaborating with the lead cyber-security architect, you will provide thought leadership, future vision and high level technical cyber-security architecture. The role requires a thorough understanding of Pick n Pay IT systems in order to identify, understand and remain constantly up to date on relevant cyber-threats and industry trends.  You will be required to understand and evaluate various technologies, processes and tools to ensure appropriate cyber-threat resistance in line with business risk appetite and budgets while working with the operations team, business and vendors to ensure the company gets the best solution and the best out of the chosen solution.

Minimum Requirements

Relevant diploma/degree

• 5-10 years relevant experience (preferable experienced broadly across multiple areas of IT)
• Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP) or equivalent would be preferred.
• Amazon Web Services Certification would be advantageous, and a successful candidate would be required to achieve AWS Solutions Architect Associate and Security Specialty certifications within 6 months if not already obtained.
• Excellent documentation and writing skills are required.
• A solid understanding of networking basics is required. This includes technical knowledge of TCP/IP, Wi-Fi standards, firewalls and routing concepts etc. 
• A solid understanding of security protocols, cryptography, authentication, authorisation and security. This includes web application standard like OWASP.
• A firm grasp of Mitre Frameworks (ATT@CK and D3FEND).
• A deep familiarity with the Payment Card Industry Data Security Standard (PCI-DSS) is essential. P2PE Solution knowledge also advantageous. The technical side of PCI-DSS is an area a successful candidate will need to be comfortable in. 
• AWS technical knowledge would also be beneficial. 
• Familiarity with Microsoft ADDS, Azure AD, Office 365 and Linux also beneficial. 

Duties & Responsibilities

• Reviewing current system security measures and recommending and implementing enhancements
• Thorough documenting of solution designs 
• Perform technical reviews on security solutions and systems to drive continuous improvement of security related technology and systems.
• Act as SME on security related projects
• Evaluating (or establishing if applicable) security related disaster recovery procedures and working with the Security Ops and Risk teams to conduct breach of security drills
• Supporting Security Ops team in responding to security incidents and providing thorough post-event analyses
• Planning, researching, and designing security architectures
• Reviewing, and approving the security related installation requirements for LANs, WANs, VPNs, routers, firewalls, and related network devices
• Understanding cryptography and PKI in order to identify suitable cryptographic solutions to protect the confidentiality and integrity of critical data assets
• Assist to develop the technical cyber-response plan
• Mentoring, supporting and guiding the operational security team
• Work with the PnP Risk and Privacy team on establishing and updating standards and security protocols and guidelines
• Remaining up to date with the latest security threats, standards, authentication protocols, and solutions

Competencies

• Attention to detail
• Absorbs pressure positively
• Self-motivated 
• Patience
• Team leader and player
• Problem solving ability
• Interpersonal skills
• Good communication skills – both verbal and written

Additional Information

• Competency based interview to assess above requirements.