Talent.com
Manager - Information Security Architecture.Information Security

Manager - Information Security Architecture.Information Security

Mtn GroupWorkFromHome, Gauteng, South Africa
1 day ago
Job description

Manager Information Security Architecture Info...

Showing 13 Manager Information Security Architecture Information Security jobs in Roodepoort

Senior Software Engineering Manager : Security

Roodepoort, Gauteng R - R Y CapCircle Management Consultants

Posted today

Job Description

NOT FOR FIRST TIME JOB SEEKERS

HYBRID MODEL : OFFICE AND HOME (OFFICE - ROODEPOORT - GAUTENG - SOUTH AFRICA)

Role Overview

The Senior Software Engineering Manager : Security is responsible for embedding security engineering practices across the enterprise's platforms, applications, and integrations. This role ensures that security is built into every layer of software development — from architecture and design to deployment and operations. It combines deep technical expertise in cybersecurity with leadership, governance, and engineering delivery responsibilities.

Key Responsibilities

  • Security Strategy & Leadership
  • Define and drive the software security engineering strategy, ensuring alignment with enterprise security and technology roadmaps.
  • Act as the security champion within engineering, embedding DevSecOps practices across backend, mobile, digital channels, and integrations.
  • Partner with the CISO, enterprise security, and architecture teams to set secure-by-design principles and frameworks.
  • Secure Software Engineering Delivery
  • Oversee the integration of application security testing (SAST, DAST, IAST, SCA) into CI / CD pipelines.
  • Ensure API, backend, mobile, and digital channel platforms are secured against evolving threats.
  • Lead initiatives for zero trust architecture, encryption, identity & access management, and secure APIs.
  • Govern secure coding standards, threat modelling, and vulnerability management.
  • Regulatory Alignment & Risk Management
  • Ensure software engineering practices comply with regulatory frameworks (e.g., PCI DSS, POPIA, GDPR, SOC 2, ISO).
  • Oversee risk assessments, penetration testing, and incident response readiness.
  • Align software engineering controls with enterprise GRC (Governance, Risk & Compliance) frameworks.
  • Security Observability & Talent
  • Implement secure observability and monitoring for proactive threat detection in engineering systems.
  • Lead and mentor security engineers, DevSecOps specialists, and secure coding champions.
  • Build organizational capability in security engineering skills, tools, and practices.
  • Foster a culture of security-first thinking across all engineering teams.
  • Drive training and awareness programs to ensure engineering talent remains up to date with emerging threats and tools.
  • Collaboration & Stakeholders
  • Partner with enterprise engineering managers (backend, mobile, digital, integrations) to embed security consistently.
  • Collaborate with business, product, and compliance stakeholders to balance customer experience with security requirements.
  • Manage relationships with security vendors, penetration testers, and regulatory auditors.

Educational Qualifications

  • Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or a related field (mandatory).
  • Professional Certifications (preferred / required) : CISSP, CISM, or CISA.
  • Application Security : CSSLP (Certified Secure Software Lifecycle Professional).
  • Cloud Security : AWS / Azure / GCP Security Specialty.
  • DevSecOps : GIAC, Kubernetes Security Specialist, or equivalent.
  • ITIL or governance frameworks – advantageous.
  • 10–12 years' experience in software / security engineering, with at least 5+ years in leadership roles.
  • Proven experience embedding application security across large engineering teams.
  • Strong track record in DevSecOps, secure CI / CD, and automation of security controls.
  • Experience securing cloud-native, microservices, APIs, and mobile applications at enterprise scale.
  • Hands-on expertise in threat modelling, penetration testing, vulnerability remediation, and secure architecture design.
  • Background in regulated industries (banking, fintech, telecom, or healthcare) preferred.

    • Core Skills & Competencies

  • Deep expertise in application and cloud security engineering.
  • Strong knowledge of cybersecurity frameworks and compliance standards.
  • Excellent leadership and coaching skills for building specialized security engineering teams.
  • Ability to balance innovation, speed, and compliance in software delivery.
  • Strong stakeholder management across executives, regulators, and technical teams.

    • #J-18808-Ljbffr

    Create a job alert for this search

    Security Manager • WorkFromHome, Gauteng, South Africa