Group Security Architect

Mediclinic is an international private healthcare services group, founded in South Africa in 1983, with divisions in Switzerland, Southern Africa (South Africa and Namibia) and the United Arab Emirates.The Group is focused on providing specialist-orientated, multidisciplinary services across the continuum of care in such a way that the Group will be regarded as the most respected and trusted provider of healthcare services by patients, medical practitioners, funders and regulators of healthcare in each of its markets.MAIN PURPOSE OF JOBDesign, implement, and maintain secure architecture for cloud and hybrid IT systems across the Mediclinic Group, with a strong focus on Microsoft 365 and Azure platforms. Support strategic security initiatives on the Group and cross divisions by ensuring that all infrastructure, network, data, and application layers are protected in line with the organisation’s security policies, regulatory obligations, and enterprise risk appetite. Stay updated on emerging security trends, especially in healthcare.KEY RESPONSIBILITY AREASDesign and govern secure cloud architecture (Azure, M365, hybrid)Define and enforce cloud and enterprise security standards, frameworks, following Zero Trust PrinciplesLead technical risk assessments and threat modelling for cloud and on-prem deployments and new solution selectionsLead the IADM implementation in collaboration with the group architects and divisionsEvaluate, select, and optimise security tools (EDR, SIEM, CASB, etc.)Implementation and guidelines on network securityRequired EducationESSENTIAL EDUCATIONRelevant Bachelor's degree in Information Systems, Cybersecurity or EngineeringDESIRED EDUCATIONMicrosoft Certified: Cybersecurity Architect ExpertCISSP / CCSP / Azure Security Engineer Associate, Microsoft Cyber Security Architect Expert CertificationRequired ExperienceESSENTIAL MINIMUM EXPERIENCEMinimum 10 years relevant experience in information security, with at least 5 years in a security architecture role.Hands-on experience in designing and implementing Microsoft 365 and Azure security.Desired ExperienceRelevant experience with regulatory compliance in healthcare (e.g. GDPR, ADHICS, POPIA)A working knowledge of cloud security posture management (CSPM), SASE.Knowledge of third-party risk, DevSecOps, and identity governance.Container Security Experience with Kubernetes, DockerRequired Job Skills And KnowledgeCloud Security Architecture (Azure, M365)Identity & Access Management (Entra ID, RBAC)Security frameworks (NIST, ISO, CIS)Network segmentation, Zero TrustInformation protection (DLP, MIP, MCAS)SIEM/SOAR platforms (e.g., Sentinel)Strong understanding of N/W security, including SASE, Cloud, On-premises, and SD-WAN environmentsSolid understanding of secure design principles, including Zero Trust Architecture and a solid understanding of security frameworks such as NIST, ISO 27001, and CIS ControlsAn understanding of working with AI and large language models in the context of security