- Driving a comprehensive application security strategy.
- Threat mitigation and risk management.
- Secure architecture and design.
- Vulnerability management and code reviews.
- Securing the development lifecycle.
- Collaboration and communication with development teams and other stakeholders.
- Protecting global assets.
- Understanding regional requirements.
- Lead the development and execution of application security assessments.
- Ensure applications comply with all relevant security standards and regulations.
- Champion a "security by design" culture.
- Develop and maintain application security documentation.
- Develop and manage risk mitigation strategies.
- Work with other security teams (., security operations,
- Stay up-to-date on the latest application security threats and vulnerabilities.
- Application Security Incident Response and Cyber Crisis Management.
- Participate in Group Information Security Programme (GISP) initiatives.
- Application Security (including cloud security), Infrastructure Security, and Cybersecurity Education, Training and Awareness.
- Provide regular feedback to Santam Manco on Group-wide application security issues.
- Clear and timely communication to management and users regarding application security matters.
- Application Security Risk assessment that identifies a requirement for additional awareness or targeted education, training, and awareness interventions.
- Review and respond to all application security-related audit findings.
- Produce required application security reports.
- Ensure that security 'gates' are a formal part of the SDLC/ Agile/ relevant solution development methodology.
- Active participation in Sanlam-sanctioned industry bodies (. ISF Live, ISACA, FS-ISAC)
- Timeous escalation of new, high or escalating cybersecurity risks.
- Engage with application owners and the Group Cyber Security Centre (GCSC) Operations Team to ensure that system vulnerabilities identified during penetration tests, Red Team exercises, or vulnerability scans are addressed.
- Ensure that the Group CIO is aware of risks and actions required.
- Find & provide root cause analysis and implement permanent and/or long-term fixes for application security-related incidents.
- Strong understanding of integration between Workstations and Network/Servers
- A bachelor's Degree or Diploma in Cybersecurity, Computer Science, Information Systems, or a related field, or equivalent work experience.
- A Recognised Cyber Security Certification(s) (., Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or similar certification will be an advantage.
- With 15+ years of experience in software engineering, a significant portion of that in an architectural position focusing on cybersecurity within complex organisations, preferably in the financial services sector. The incumbent must have a solid technical software engineering background with a deep understanding of cybersecurity concepts, threats, and vulnerabilities.
- High Stress Tolerance.
- Building and maintaining relationships.
- Teamwork and ability to function independently.
- Facilitation Skills.
- Adaptability.
- Attention to detail.
- Planning and organising.
- Ability to work independently.
- Interpersonal savvy.
- Decision quality.
- Plans and aligns.
- Optimises work processes.
- Being resilient.
- Collaborates.
- Cultivates innovation.
- Customer focus.
- Drives results.
- Sensitivity to Risk
- Balances Stakeholders
- Reporting and Administration
- Programming Languages: It is crucial to understand the security considerations of languages like Java, Python, C#, JavaScript and emerging ones like Kotlin.
- Web Technologies: Familiarity with HTML, CSS, JavaScript frameworks like React and Angular, and web application security concepts is essential.
- Mobile Development: Security expertise in Android, iOS, and cross-platform frameworks like Flutter helps secure sensitive data on user devices.
- Cloud Security: A deep grasp of cloud platforms like AWS, Azure, and GCP and their security implications is vital for secure cloud deployments.
- API Security: Understanding API security best practices is critical to prevent unauthorized access and data breaches.
- Vulnerability Understanding: In-depth knowledge of common and obscure vulnerabilities in various technologies allows for accurate identification and exploitation for testing and mitigation purposes.
- Secure Coding Practices: Expertise in secure coding principles and best practices for different languages and frameworks empowers proactive vulnerability prevention.
- Threat Modelling: The ability to analyse application architecture and functionality to anticipate potential attack vectors and proactively address them is crucial.
- Security Scanners and Code Analysis Tools: It is vital to understand how to use these tools to identify vulnerabilities in code and recommend remediation strategies.
- Penetration Testing Tools: Familiarity with these allows for thorough vulnerability assessment and simulating real-world attack scenarios.
- Security Incident Response Tools: Knowledge of incident response tools and methodologies helps them effectively handle security breaches and minimize damage.
- Cryptography and Encryption: Understanding encryption algorithms and their application in securing data is essential.
-
Security Architect
4 days ago
Barratt and Co Cape Town, South AfricaAs a Cyber-Security Solutions Architect, you'll work with our lead architect to ensure that our IT systems are protected against cyber-threats. You'll review our current security measures, recommend enhancements, and help implement them. You'll also stay up-to-date on industry tr ...
-
Cyber Security Architect
4 days ago
The Right Company Cape Town, South Africa**CYBER SECURITY ARCHITECT (BANKING INDUSTRY) - STELLENBOSCH - R93000** · **Experience**: · - 8+ years' experience in general programming · - 2+ years' general IT Architecture · - 2+ years using Python, Go or Java · - Design and deployment of highly available, enterprise · - scal ...
-
Security Solutions Architect
4 days ago
Redherd Cape Town, South AfricaOur client is a South African based security vendor with a global reach and customers in the highest spheres of technology and innovation. They provide real-time reporting on adversaries interacting with your networks or snooping around your infrastructure, allowing you to identi ...
-
Architect: Cyber Security
4 days ago
Ad Talent Africa Cape Town, South Africa**Who are we**:South African retail bank · **Who are we looking for**:Architect: Cyber Security with** **8+ years experience in general programming · **What will you do**: · **What do you need**: · - 8+ years experience in general programming · - 2+ years general IT Architecture ...
-
Network Security Architect
3 days ago
CareerfinderZA Cape Town, South AfricaKey Performance Area: · - Expertise in SIEM, anti-virus software, intrusion detection, firewalls, and content filtering. · - Expertise in routing, switching, Wi-Fi technologies, load balancers and QoS. · - Deep understanding of networking protocols (IPSEC, HSRP, BGP, OSPF, 802.11 ...
-
Information Security Solution Architect
3 days ago
iLaunch Cape Town, South AfricaCollaborate with Information Security Architect · Ensuring compliance on Information Security Standards and controls · Manage enterprise information assets · Tertiary Qualification · CISSP, CISM, CISA & ISSAP · 5 Years experience in a lead role within IT Security environment · 5 ...
-
Senior Azure Cloud Security Architect
4 days ago
SUMMIT Africa Recruitment Cape Town, South Africaand Devops practices that meet strict regulatory security and compliance · requirements. · **Responsibilities** · - Work in collaboration with Devops and Cloud Engineers toward a DevSecOps practice that conforms to Security · - and Privacy by Design principles · - Guide business ...
-
Security Architect
4 days ago
DataTech Recruitment Stellenbosch, South AfricaSecurity Architect required in Cape Town area - Hybrid, to own, analyse, architect, design and implement Platforms, Services and Systems regarding all IT and Cyber security aspects and security solutions in support of the organization. Cloud Architect and Security Certification; ...
-
Security Architect
2 days ago
Dynamic Outsourced Solutions Cape Town, South Africa Full timeThis role will be responsible for providing technical security advice and guidance with a focus on the Group/South Africa organization. This candidate will be involved in multiple change projects and be responsible for producing and publishing tailored Security best practice guid ...
-
Senior Solutions Architect
1 day ago
Progressive Edge Cape Town, South Africa**Senior Solutions Architect (.Net / Azure)** · **Permanent** · **Cape Town** · An established professional financial services company has a role available for a cloud technical lead who is able to confidently move from architectural definition and technical guidance to hands-on ...
-
Solution Architect
4 days ago
Nambiti Technologies Cape Town, South AfricaWestern Cape, CPT - CBD · - (Market related) · Our Client based in Cape Town is looking for a Solution Architect with more than 5 years' experience for 6 months project · **Requirements**: · - AWS focused but also strong on other platforms as well · - Must have 5 years' experienc ...
-
Senior Solution Architect
3 days ago
Juru Holding (Pty) Ltd Cape Town, South AfricaMy client is a leading loyalty and rewards program that offers exclusive benefits and perks to its members. As part of their continuous growth, they are seeking a highly skilled and experienced Senior Solution Architect to join their team for a 12 month contract. · As a Senior So ...
-
Pre Sales Solutions Architect
2 days ago
Black Elegance VIP Cape Town, South Africa**Overview**: · **Responsibilities**: · - **Collaborate with the sales team**: This involves working closely with the sales team to gather insights into client requirements and ensure that the proposed solutions align with their needs. Collaboration is key to delivering successfu ...
-
Lead Data Architect
3 days ago
iLaunch Cape Town, South AfricaArchitect cloud solutions for data integration and storage · Establishing methods and procedures for tracking data quality, completeness, redundancy, compliance and improvement. · Creating plans for data capacity planning, data security, life cycle data management, scalability, b ...
-
Systems Analyst- Retail
1 day ago
Lineker Solutions Cape Town, South AfricaQualifications: · - Degree in Computer Science, Information Technology, or related field · - Proven experience as a Systems Analyst or similar role in the retail industry. · - Hands-on experience designing, implementing, and managing cloud infrastructure solutions on AWS. · - Str ...
-
IT Infrastructure Architect
3 days ago
Webhelp Cape Town, South Africa**IT & Technical support** · **Location** · - Cape Town, South Africa**Language** · - English*** · **Job Advert**: · We have an ideal opportunity for someone with infrastructure design experience seeking a new challenge to join our Remote team in SA as a skilled and collaborative ...
-
Data Architect
1 day ago
Progressive Edge Cape Town, South Africa**Data Architect & Team Lead** · **Permanent** · **Cape Town** · Job description: · We are looking for a data expert who is able to confidently move from architectural definition and technical guidance to hands-on implementation and troubleshooting. The right person for this role ...
-
4. Core Financial Technical Specialist
10 hours ago
Open Source (Pty) Ltd Cape Town, South AfricaFinancial Technical Specialist with expertise in the end-to-end · **revenue and billing management **processes and the associated financial reporting; SAP knowledge required; other ERP/Financial Solution knowledge advantageous. · **Responsibilities**: · - Bring leading practice k ...
-
5. Core Operational Technical Specialists
10 hours ago
Open Source (Pty) Ltd Cape Town, South AfricaCore Operational Technical Specialist who is an expert in Asset Management and Plant Maintenance, since the City of Cape Town has many large assets across several Directorates such as Water & Sanitation, Electricity, Transport etc. that need to be maintained; SAP AM and PM knowle ...
-
Solutions Architect
2 days ago
F & G Sourcing Specialist Cape Town, South AfricaOur insurance client is seeking a **Solution Architect** to join their team in Cape Town. · **Salary**: Market Related · **Requirements**: · - Tertiary IT qualification or qualification through experience · - Minimum 6 years' IT development experience · - Experience in design and ...
Principal Application Security Architect - Cape Town, South Africa - Santam
Description
CAREER OPPORTUNITY
Santam BITS has a career opportunity for a senior role of Principal Application Security Architect in the Business Information and Technology Services (BITS) department which is based in the Western Cape or Gauteng.
KEY RESPONSIBILITIES
QUALIFICATIONS AND EXPERIENCE
COMPETENCIES
ADDITIONAL COMPETENCIES AND SKILLS
ADDITIONAL COMPETENCIES AND SKILLS
ABOUT THE COMPANY
Santam is the leading short-term insurer in South Africa. Along with its subsidiaries, the business transacts all classes of short-term insurance. Santam is a large, diversified, and transforming company and our success is rooted in our passion for our clients. Everything we do is centered on our delivery of Insurance Good and Proper.
Please note this appointment will be made in line with the Divisional Employment Equity targets. People with disabilities are welcome to apply