Job title: Principal Application Security Architect
Job location: Western Cape, Bellville
Deadline: October 16, 2024
CAREER OPPORTUNITY
- Santam BITS has a career opportunity for a senior role of Principal Application Security Architect in the Business Information and Technology Services (BITS) department which is based in the Western Cape or Gauteng.
KEY RESPONSIBILITIES
- Driving a comprehensive application security strategy.
- Threat mitigation and risk management.
- Secure architecture and design.
- Vulnerability management and code reviews.
- Securing the development lifecycle.
- Collaboration and communication with development teams and other stakeholders.
- Protecting global assets.
- Understanding regional requirements.
- Lead the development and execution of application security assessments.
- Ensure applications comply with all relevant security standards and regulations.
- Champion a “security by design” culture.
- Develop and maintain application security documentation.
- Develop and manage risk mitigation strategies.
- Work with other security teams (e.g., security operations).
- Stay up-to-date on the latest application security threats and vulnerabilities.
- Application Security Incident Response and Cyber Crisis Management.
- Participate in Group Information Security Programme (GISP) initiatives.
- Application Security (including cloud security), Infrastructure Security, and Cybersecurity Education, Training and Awareness.
- Provide regular feedback to Santam Manco on Group-wide application security issues.
- Clear and timely communication to management and users regarding application security matters.
- Application Security Risk assessment that identifies a requirement for additional awareness or targeted education, training, and awareness interventions.
- Review and respond to all application security-related audit findings.
- Produce required application security reports.
- Ensure that security ‘gates’ are a formal part of the SDLC/ Agile/ relevant solution development methodology.
- Active participation in Sanlam-sanctioned industry bodies (e.g. ISF Live, ISACA, FS-ISAC)
- Timeous escalation of new, high or escalating cybersecurity risks.
- Engage with application owners and the Group Cyber Security Centre (GCSC) Operations Team to ensure that system vulnerabilities identified during penetration tests, Red Team exercises, or vulnerability scans are addressed.
- Ensure that the Group CIO is aware of risks and actions required.
- Find and provide root cause analysis, and implement permanent and/or long-term fixes for application security-related incidents.
- Strong understanding of integration between workstations and network/servers.
QUALIFICATIONS AND EXPERIENCE
- A Bachelor’s degree or diploma in Cybersecurity, Computer Science, Information Systems, or a related field, or equivalent work experience.
- A recognised cyber security certification (e.g., Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or similar) will be an advantage.
- 15+ years of experience in software engineering, with a significant portion of that in an architectural position focusing on cybersecurity within complex organisations, preferably in the financial services sector. The incumbent must have a solid technical software engineering background with a deep understanding of cybersecurity concepts, threats, and vulnerabilities.