Lead Applications & Integration Security

The main purpose of this position is to provide technical leadership and guidance in the application and integration security function, in support of secure business applications development, implementation and maintenance.

• Contribute to the compilation of divisional operational plans and take responsibility for the implementation as well as the monitoring thereof.

• Manage and direct the development and maintenance of the secure Software Development Life Cycle procedures and standards based on the environment and manage the implementation thereof ensuring that the solutions are free from cybersecurity vulnerabilities.

• Lead and manage the vulnerabilities threat process in support of building an advanced security posture for the Organisation.

• Address the application and integration security audit findings to reduce the threat landscape and improve its application security posture.

• Lead and guide the security component of the information technology (IT) projects, upholding code reviews and ensuring compliance with security standards during each stage of the project development life cycle.

• Contribute to the development of the Security Major Incident Response Procedures and manage the implementation thereof, during a security breach.

• Drive the application and integration security awareness campaigns and oversee training to all key stakeholders (including developers, testers and business analysts) on secure development.

• Provide consolidated and integrated reports and analytics for various forums pertaining to the application and integration security landscape.

• Identify and mitigate risks related to the application and integration security environment and ensure compliance with relevant governance frameworks.

• Keep abreast of best practices and development in the field of application and integration security and ensure continuous improvement, while ensuring the optimal use of security best practice with the development of new solutions.

• Lead stakeholder engagements (internal and external), in support of the sound security posture to fulfil the line management function pertaining to development and performance of the team.

• Bachelor’s degree (NQF 7) in Information Systems and Management or an equivalent qualification
• Certification in Application Security Engineer (SACE)Certified Ethical Hacker (CEH)
• 8–10 years’ experience in the secure SDLC frameworks and solutions, of which at least 5 years must exposure to overall security governance best practices frameworks and design, penetration testing, integration and applications’ code reviews.