Description 

The Information Security Architect is responsible for designing, implementing, and maintaining the overall security architecture of the organization. This includes defining security requirements, conducting security assessments, developing security policies and procedures, and ensuring compliance with relevant regulations and standards. The Information Security Architect will collaborate with cross-functional teams to identify and mitigate security risks, provide guidance on security best practices, and drive continuous improvement in the organization's security posture. 

Responsibilities 

Develop and maintain the organization's information security architecture, including the design and implementation of security controls, technologies, and processes for Internal, SaaS, Third Party and Cloud. 

Conduct security assessments to both internal and 3rd parties to identify and prioritize security risks and recommend appropriate mitigation strategies. 

Define and enforce security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements. 

Collaborate with cross-functional teams to integrate security requirements into the design and development of new systems, applications, and infrastructure (including but not limited to DevOps) 

Provide technical guidance and support to IT teams and business units on security-related matters, including secure coding practices, network security, and data protection. 

Stay up to date with the latest security threats, vulnerabilities, and industry trends, and recommend appropriate security solutions and technologies. 

Collaborate with external vendors and partners to ensure the security of third-party systems and services. 

Develop and maintain the organization's cloud security architecture, including the design and implementation of security controls, technologies, and processes for cloud-based systems and services. 

Experience, skill and capability 

Bachelor's degree in Computer Science, Information Technology, or a related field advantageous.  

Professional certifications such as CISSP, CISM, SABSA, or Azure Certified Security - Specialty are highly desirable. 

Proven experience as a Cloud Security Architect or a similar role, with a strong background in designing and implementing security solutions for cloud-based systems and services. 

In-depth knowledge of cloud security principles, frameworks, and best practices, such as the Cloud Security Alliance (CSA) Cloud Controls Matrix 

Experience with cloud security technologies and tools, such as cloud access security brokers (CASBs), cloud security posture management (CSPM) tools, and cloud workload protection platforms (CWPPs). 

Strong understanding of cloud service models (IaaS, PaaS, SaaS) and cloud deployment models (public, private, hybrid). 

Familiarity with cloud security compliance requirements and standards, such as GDPR, HIPAA, PCI DSS, and ISO 27017. 

Excellent analytical and problem-solving skills, with the ability to assess complex security risks and recommend effective mitigation strategies. 

Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and communicate technical concepts to non-technical stakeholders. 

The Investec Culture 

At Investec we look for intelligent, energetic people filled with passion, integrity and curiosity. We value individuals who in turn value our culture that is, a flexible attitude comfortable to live with ambiguity and willing to challenge the status quo. Diversity, talent and leadership are respected in pursuit of the growth of our business. People who can manage themselves and build strong relationships in order to get things done, will perform in out of the ordinary ways in our environment.  

We are committed to diversity and inclusion when recruiting internally and externally.