Software Security Architect
- Full-time
Company Description
Arηs Group, Part of Accenture, specializes in the management of complex public sector IT projects, including systems integration, informatics and analytics, solution implementation and program management. Our team helps lead clients through digital and information systems design, bringing expertise in a variety of areas ranging from software development, data science and security management to machine learning, cloud, and mobile development.
Arηs Group was acquired by Accenture in July 2024.
Job Description
- Design, develop and maintain enterprise cybersecurity architectures aligned with organizational strategy, business objectives and risk management requirements
- Define and implement security architecture frameworks, reference models, standards and governance principles across systems, services and platforms
- Translate business, operational and security requirements into secure architecture designs, technical specifications and implementation roadmaps
- Conduct business and user requirements analysis to ensure cybersecurity solutions align with organizational objectives and operational needs
- Design cybersecurity solutions based on security-by-design, privacy-by-design and secure-by-default principles
- Produce and maintain high-level and detailed security architecture documentation, specifications, standards and design artefacts
- Present cybersecurity architectures, technical recommendations and security strategies to technical and non-technical stakeholders
- Lead the integration of cybersecurity controls and security solutions into existing enterprise and application architectures
- Provide architectural leadership during the full system development lifecycle, ensuring security requirements are embedded from design through implementation
- Establish and maintain secure development environments and secure development lifecycle (SDLC) practices
- Assess and evaluate existing architectures, systems and services to identify security risks, weaknesses and improvement opportunities
- Conduct security architecture reviews and ensure compliance with organizational standards, security frameworks and best practices
- Evaluate and select appropriate security controls, technologies and solutions, including cryptographic mechanisms, identity and access management controls, and security monitoring capabilities
- Develop resilient architectures that reduce single points of failure and improve security, availability and operational continuity
- Guide development, operations and implementation teams on architecture decisions, security controls and cybersecurity best practices
- Collaborate with key security personnel, business stakeholders and technical teams to ensure the consistent application of security principles
- Analyze the impact of cybersecurity solutions on system performance, functionality and operational requirements
- Adapt security architectures to emerging threats, evolving technologies and changing business requirements
- Monitor industry developments, cybersecurity trends and emerging technologies to ensure continuous improvement of the organization’s security posture
- Lead, coordinate and support security solution implementation, integration and maintenance activities
- Promote a proactive, risk-based and security-focused culture across projects and technology initiatives
- Perform additional tasks as assigned by the supervisor
Qualifications
- Minimum 10 years of relevant IT professional experience
- Minimum 8 years of experience in a similar role
- Minimum education level: Level 7 (Master's degree or equivalent) in an ICT-relevant field
- At least 4 of the following certifications:
- CISSP (Certified Information Systems Security Professional)
- CISA (Certified Information Systems Auditor)
- CISM (Certified Information Security Manager)
- SABSA Chartered Security Architect – Foundation Certificate (SCF)
- TOGAF Foundation
- CNDA (EC-Council Certified Network Defense Architect)
- CISSP-ISSAP ((ISC)² Certified Information Systems Security Architecture Professional)
- CGEIT (ISACA Certified in the Governance of Enterprise IT)
- CRISC (ISACA Certified in Risk and Information Systems Control)
- SCPA (SABSA Certified Security Architecture Design & Development Practitioner)
- SCMA (SABSA Certified Security Architecture Design & Development Specialist)
- TOGAF Certified
- GSNA (GIAC Certified Systems and Network Auditor)
- GCCC (GIAC Certified Critical Controls)
- GPPA (GIAC Certified Perimeter Protection Analyst)
- or equivalent, internationally recognized certification
- Minimum English language proficiency: CEFR B2
- Knowledge of secure development lifecycle
- Knowledge of security architecture reference models and security solutions
- Knowledge of the latest technologies and solutions
- Knowledge of the latest cybersecurity trends
- Ability to conduct user and business requirements analysis
- Ability to draw architectural and functional specifications
- Ability to design cybersecurity systems and architectures based on security and privacy by design and by default principles
- Ability to guide and communicate with implementers and IT personnel
- Ability to report, communicate and present to stakeholders
- Ability to propose cybersecurity architectures based on stakeholder needs and budget
- Ability to select appropriate specifications, procedures and controls (e.g., cryptographic models, access control techniques)
- Ability to build resilience against points of failure across the architecture
- Ability to provide technological design leadership
- Ability to lead the integration of security solutions
- Mastery of SharePoint and SharePoint platform-specific tools
- Expert-level knowledge of cybersecurity related to development and application architecture
- Exceptional collaborative skills
- Versatility across technologies and platforms
By clicking the link above or any third-party link within this posting, you are leaving this site and going to a third-party website where the third-party website's terms and privacy policy apply