Group Security Architect

Mediclinic Group Services | Stellenbosch | South Africa 

Closing date: 25/07/2025  
Number of positions: 1 
Recruiter name: Gaylin Daniels  
Reference number: 62222  
 Workplace Type: Hybrid
Permanent

Please note if you are an internal employee on a fixed term contract please apply using an external candidate profile and not your employee profile

MAIN PURPOSE OF JOB

Design, implement, and maintain secure architecture for cloud and hybrid IT systems across the Mediclinic Group, with a strong focus on Microsoft 365 and Azure platforms. Support strategic security initiatives on the Group and cross divisions by ensuring that all infrastructure, network, data, and application layers are protected in line with the organisation’s security policies, regulatory obligations, and enterprise risk appetite. Stay updated on emerging security trends, especially in healthcare.

KEY RESPONSIBILITY AREAS

Design and govern secure cloud architecture (Azure, M365, hybrid)

Define and enforce cloud and enterprise security standards, frameworks, following Zero Trust Principles

Lead technical risk assessments and threat modelling for cloud and on-prem deployments and new solution selections

Lead the IADM implementation in collaboration with the group architects and divisions

Evaluate, select, and optimise security tools (EDR, SIEM, CASB, etc.)

Implementation and guidelines on network security

REQUIRED EDUCATION

ESSENTIAL EDUCATION

Relevant Bachelor's degree in Information Systems, Cybersecurity or Engineering

DESIRED EDUCATION

Microsoft Certified: Cybersecurity Architect Expert

CISSP / CCSP / Azure Security Engineer Associate, Microsoft Cyber Security Architect Expert Certification

REQUIRED EXPERIENCE

ESSENTIAL MINIMUM EXPERIENCE

Minimum 10 years relevant experience in information security, with at least 5 years in a security architecture role.
Hands-on experience in designing and implementing Microsoft 365 and Azure security.

DESIRED EXPERIENCE

Relevant experience with regulatory compliance in healthcare (e.g. GDPR, ADHICS, POPIA)

A working knowledge of cloud security posture management (CSPM), SASE.

Knowledge of third-party risk, DevSecOps, and identity governance.

Container Security Experience with Kubernetes, Docker

REQUIRED JOB SKILLS AND KNOWLEDGE

• Cloud Security Architecture (Azure, M365)
• Identity & Access Management (Entra ID, RBAC)
• Security frameworks (NIST, ISO, CIS)
• Network segmentation, Zero Trust
• Information protection (DLP, MIP, MCAS)
• SIEM/SOAR platforms (e.g., Sentinel)
• Strong understanding of N/W security, including SASE, Cloud, On-premises, and SD-WAN environments
• Solid understanding of secure design principles, including Zero Trust Architecture and a solid understanding of security frameworks such as NIST, ISO 27001, and CIS Controls
• An understanding of working with AI and large language models in the context of security

All applicants will be considered, with the understanding that preference will be given in accordance with the Employment Equity Plan of Mediclinic Group Services, as well as internal applicants/employees that meet the minimum requirements.

Please note if you are an internal employee on a fixed term contract please apply using an external candidate profile and not your employee profile