Cybersecurity Architect

We are seeking an experienced Cybersecurity Architect to join the Portfolio Management Office (PMO). The candidate's primary role will be responsible for defining the program's cybersecurity strategy, direction, and governance for the Digital Platform ecosystem, Cloud computing environment, and end-to-end networking. The candidate will design a robust and scalable cloud security architecture, platform security architecture, and end-to-end networking security architecture, develop a comprehensive security strategy aligned with business goals, Saudi Cybersecurity regulations/mandates, and client's applicable standards, and establish a governance framework to guide secure platform ecosystem adoption by all program stakeholders.

Key Responsibilities:

1. Develop digital platform ecosystem data governance framework, policies including access controls, and security measures.
2. Develop cloud/edge computing governance procedures, policies, and frameworks, addressing roles and responsibilities, access controls, security measures, and compliance across all cloud/edge computing platforms.
3. Design cloud/edge computing security architecture, platform security architecture, and end-to-end network infrastructure security architecture to ensure alignment with security mandates.
4. Conduct security assessments and risk analyses for proposed designs and actual environments related to cloud/edge computing infrastructure, platform ecosystems, and network infrastructures.
5. Develop cybersecurity vendor assessment criteria related to cloud, platform, and networking architecture.
6. Collaborate with other architects on market surveys and shortlisting vendors.
7. Develop cybersecurity technology strategies, including perimeter infrastructure security (IPS, IDS, NGFW, DLP, Anti-virus), endpoint protection, SIEM, Zero Trust, cloud security posture management, SASE, CASB, and cybersecurity mesh architecture.
8. Establish security incident response, metrics, and reporting mechanisms to monitor and evaluate platform ecosystem security posture.
9. Identify and resolve cybersecurity performance bottlenecks, optimize resource allocation, and ensure cybersecurity performance across the platform ecosystem.

Minimum Requirements:

1. Bachelor's degree in computer science, information security, or a related field.
2. Cloud security certifications such as CISSP, CCSP, Zero Trust, DevSecOps, ICS, or other relevant certifications are required.
3. 12+ years of experience in information security, with at least 10 years in cloud/edge/platform security architecture and strategy.
4. Proven experience designing and implementing hyperscaler secure cloud architectures, secure cloud platforms, and end-to-end networking infrastructures in complex environments, especially for hydrocarbon industries and IIoT ecosystems.
5. Proven record in cybersecurity assessment and GRC.
6. Experience with at least three leading cloud platforms (AWS, Azure, GCP, OCI, etc.).
7. Strong understanding of security frameworks and standards (GRC, NIST, CIS, ICS, ISO 27001, SANCS, ECC by NCA, PDPL, etc.).
8. Strong analytical, problem-solving, communication, and interpersonal skills, with the ability to explain complex technical concepts clearly.
9. Ability to develop technical documentation and presentations.
10. Ability to work independently and collaboratively across stakeholders.
11. Fluent in English and Arabic; additional languages are a plus.