To lead the strategic integration of Secure by Design (SbD) principles across all IT system and network infrastructure architecture (mobile and fixed) aspects. This role emphasizes a proactive approach in embedding robust security measures from the earliest stages of architectural planning and design to implementation and operational phases and extends to the decommissioning of services. The Manager, Secure by Design, will ensure that all architectural frameworks, solutions, and services are built with inherent security features that align with organizational goals, reduce vulnerabilities, and uphold compliance with relevant cybersecurity standards. This commitment to architectural excellence aims to establish a secure foundation for all technological initiatives, thereby safeguarding business operations and client data against emerging threats.
Key accountabilities and decision ownership:1. Strategic Oversight and Cybersecurity Framework Enhancement:
• Periodically review and strategically enhance the cybersecurity strategy and roadmap based on the evolving threat landscape, ensuring all identified risks are mitigated effectively.
• Champion developing and implementing innovative cybersecurity solutions and frameworks that address future technological challenges.
2. Leadership and Functional Direction:
• Lead the Security Architecture function, providing guidance and strategic direction to a team of Cyber Security Specialists.
• Guarantee that security and privacy are foundational to all projects and products through rigorous adherence to the Security and Privacy by Design & Assurance (SPDA) process.
3. Regulatory Compliance and Best Practices:
• Ensure stringent compliance with all legal and regulatory requirements for cybersecurity across various technology domains within the company.
• Develop, update, and enforce robust cybersecurity design principles and controls tailored to IT systems and networks, including mobile and fixed infrastructures.
4. Collaboration and Integration:
• Act as a central point of collaboration, ensuring seamless communication and strategy alignment between Cyber GRC (Governance, Risk, and Compliance), Cyber Prevent, and Cyber Defense teams.
• Facilitate cross-departmental meetings to ensure cybersecurity measures are integrated into every aspect of technology development and deployment.
5. Architectural Assessment and Enhancement:
• Lead comprehensive assessments of existing and proposed architectures to identify security gaps and inefficiencies.
• Recommend and supervise the implementation of strategic enhancements to fortify security standards and practices across all technological platforms and services.
1. Strategic Thinking:
Demonstrates an exceptional ability to anticipate future trends and challenges in cybersecurity, adapting strategies proactively to mitigate risks. Skilled in creating comprehensive roadmaps that align with organisational goals while incorporating innovative security solutions.
2. Leadership Acumen:
Exhibits outstanding leadership qualities, including inspiring, motivating, and guiding teams to achieve high-performance outcomes. Proven experience managing diverse teams, developing talent, and fostering a culture of accountability and excellence within the cybersecurity function.
3. Analytical Skills:
Possesses sharp analytical abilities with a keen attention to detail. Expert in conducting complex security assessments, interpreting a wide range of data, and making data-driven decisions that enhance organisational security postures.
4. Fostering Teamwork:
Committed to building and nurturing a collaborative team environment. Skilled in mediating conflicts and integrating cross-functional teams to work effectively towards common goals. Recognises and values the contributions of team members, encouraging open communication and shared success.
5. Customer Orientation:
Strong customer focus with a proven track record of successfully aligning security architectures with user needs and business objectives. Ensures customer satisfaction by designing secure, reliable, and user-friendly systems and services, prioritising client data and asset protection.
Must have technical/professional qualifications:
• Bachelor's degree in information security, Computer Science, Cyber Security, or a relevant domain with 5 to 10 years of relevant experience. The experience should encompass a mix of technical skills, project management and leadership responsibilities.
• Candidates must possess and or actively pursuing certifications in one or more of the following areas will be considered: CISSP, CASP, CCSP, Microsoft Cybersecurity Architect, ISSAP, GIAC Defensible Security Architecture (GDSA), CREST Registered Technical Security Architect, TOGAF, AWS Certified Solutions Architect, Google Cloud Certified - Professional Cloud Architect, or SABSA.
• Knowledge of Cyber and risk management frameworks and international security standards.
• Knowledge of legal, regulatory and privacy requirements (GDPR, PCI DSS).
• Understanding of Information Technologies (IT) and Cyber Security Technologies
• 100% of systems and products in production went through Security and Privacy by Design Assurance (SPDA).
• Zero (0) Cyber Incident resulted from Security configuration or design loophole.
• 100% execution of Cyber security initiative in a defined period.
Function: Technology
Sub-Function: Cyber Security & Technology Assurance
Band/TW: Management/TW11
Reports to: Head of Cyber Security & Technology Assurance
Location: Kinshasa DRC
Vodacom DRC welcomes applications from candidates without discrimination and embraces diversity and inclusion. We strongly encourage women, neurodivergent individuals, and people living with disabilities to apply. We firmly believe that every individual brings unique and invaluable qualities, and we are committed to fostering an inclusive, respectful, and supportive work environment where everyone can flourish.
Together we can.