Title:
Job Summary:
We are seeking an experienced Cybersecurity Architect to join the Portfolio Management Office (PMO) The candidate primary role will be responsible for defining the program’s cybersecurity strategy, direction & governance for Digital Platform ecosystem, Cloud computing environment & end-to-end networking. The candidate will design a robust and scalable cloud security architecture, Platform security architecture, end-to-end networking security architecture, develop a comprehensive security strategy aligned with business goals, Saudi Cybersecurity regulations/mandates and client’s applicable standards, establish a governance framework to guide secure Platform ecosystem adoption by all program stakeholders.
Key Responsibilities:
As the successful candidate you will be required to perform the following:
• Develop Digital Platform ecosystem data governance framework, policies including access controls, and security measures.
• Develop cloud/edge computing governance procedures, polices and framework, addressing roles and responsibilities, access controls, and security measures, compliance across all cloud/edge computing platforms.
• Develop and design cloud/edge computing security architecture, Platform security architecture and end-to-end network infrastructure security architecture to ensure a proper alignment between the proposed architectures and the security mandates.
• Develop and conduct thorough security assessments and risk analyses for
proposed designs and actual environment related to Cloud/Edge computing
infrastructure environment, Platform ecosystem environment and end-to-end
network infrastructures.
• Develop cybersecurity selection criteria for assessing potential vendors related to cloud, platform and networking architecture.
• Work closely with other architects in conducting market surveys and shortlist
candidate vendors.
• Develop recommended cybersecurity technology strategies including and not
limited to:
o Internet /Intranet/Extranet Network based on perimeter infrastructure
cybersecurity including and not limited to IPS, IDS, NGFW, DLP, Anti-virus,
NAC, micro segmentation, DMZ, WAF, RBAC, 2FA, VPN, DDoS, etc.
o Endpoint Protection Detection and Response Infrastructure.
o Security Information & Events Management.
o Cloud Workload Protection Platform.
o Zero Trust Network Access.
o Cloud security posture management.
o Log Management System.
o Secure Access Service Edge
o Cloud Access Security Broker
o Cybersecurity Mesh Architecture.
• Develop detailed security incident response, metrics and reporting mechanisms to monitor and evaluate Platform ecosystem security posture.
• Identify and resolve cybersecurity performance bottlenecks, optimize resource allocation, and ensure optimal cybersecurity performance across Platform ecosystem.
Minimum Requirements:
- Bachelor’s degree in computer science, Information Security, or a related field.
- Certifications: Cloud security related certifications are required, CISSP, CCSP, Zero Trust, DevSecOps, ICS or other relevant cloud security certifications are preferred.
- 12+ years of experience in information security, 10+ years in cloud/edge/platforms security architecture and strategy.
- Proven document demonstrating record of designing and implementing
Hyperscalers secure cloud architectures, secure cloud-based platforms
environment, and secure end-to-end (wired/wireless) networking infrastructures in complex environments for major hydrocarbon industries and IIoT ecosystems.
- Proven document record of demonstrating cybersecurity assessment & GRC.
- Experience with at least three leading cloud platforms (AWS, Azure, GCP, OCI, etc.).
- Strong understanding of security frameworks and standards (GRC, NIST, CIS, ICS, ISO 27001, KSA’s SANCCSC, ECC by NCA, PDPL, etc.).
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills, with the ability to explain
complex technical concepts to diverse audiences.
- Develop technical sound documents, (word/excel formats) and presentation slides.
- Ability to work independently and as part of a team, collaborating effectively with stakeholders across different programs’ stakeholders.
- Fluent in English and Arabic; additional language skills are a plus.
