The Enterprise Security Architect is responsible for designing, implementing, and maintaining secure systems and infrastructure, with a primary focus on safeguarding cloud environments and critical applications. This role ensures the secure configuration of all systems and implements advanced security solutions, including Microsoft M365 E5 EDR for endpoints and servers, SASE (Secure Access Service Edge), Firewalls, Web Application Firewalls, and other information security solutions and tools.
Key Accountabilities & Responsibilities
- Security Architecture Strategy & Design: Accountable for defining, designing, and continuously evolving the enterprise-wide security architecture, reference models, and patterns (e.g., Zero Trust) across all domains (network, application, data, cloud). Evaluate new security technologies and trends as well.
- Cloud Security Governance & Architecture: Lead the design and implementation of robust security controls for all cloud environments, such as Azure and Microsoft 365, ensuring compliance, secure configuration, and monitoring of cloud-native resources. Design and build secure network architectures (Firewalls, IDS/IPS, VPNs) and ensure secure configurations of systems and applications.
- Security Risk Assessment & Mitigation: Accountable for performing comprehensive threat modelling, risk assessments, and vulnerability analyses on new and existing systems to identify security design gaps and recommend effective mitigation strategies.
- Data Loss Prevention (DLP) Program Management: Responsible for the strategy, implementation, and tuning of DLP systems to classify, monitor, and prevent the unauthorized exfiltration of sensitive organizational data.
- Microsoft M365 E5 Security Platforms Management: Implement and manage security solutions (UEM, MDM, EDR, DLP, IAM, SIEM).
- Identity and Access Management (IAM) Design: Design and govern the enterprise IAM framework, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Role-Based Access Control (RBAC) to enforce the principle of least privilege.
- Security Policy & Standard Development: Develop, maintain, and enforce security policies, standards, and guidelines that align with industry best practices (e.g., NIST, ISO 27001) and regulatory requirements (UAE IA).
- Technology Evaluation & Roadmap: Research, evaluate, and recommend new security technologies (e.g., EDR, XDR, CASB) to enhance the security tooling stack and develop a strategic roadmap for their deployment and integration.
- Incident Response Architecture Support: Provide expert architectural guidance to the Security Operations Center (SOC) during incident response, ensuring that security logs, monitoring, and forensic capabilities are architecturally sound for rapid detection and containment.
- Stakeholder Communication & Consulting: Serve as the top-tier security subject matter expert (SME), effectively communicating complex security and risk implications to both technical teams and non-technical senior business stakeholders.
- Stakeholder Management and Teamwork: Manage collaboration within EGA IT, with the Government Department IT Departments, and with the Government Departments themselves to promote security best practices and ensure vulnerabilities are understood and remediated effectively.
- Incident Response: Collaborate with incident response teams during security events and forensic investigations to ensure that the security design and vulnerabilities are understood and remediated effectively.
- Automation and AI: Use automation and AI tools to spot network communications, patterns, and security capabilities, saving the information security team unnecessary effort.
Qualifications & Experience
Bachelor’s degree in cyber security or information security engineering, Electronic and Telecommunication Engineering, IT Engineering, Computer Science, or any relevant discipline
Preferred
- Bachelor’s degree in cyber security or information security engineering, Electronic and Telecommunication Engineering, IT Engineering, Computer Science
- Minimum 15 years of experience in the Information Technology domain
Certifications
CISSP, CISM, CCSP, CCNA, CCNP, CCDA, and CCDP are preferred, but other certifications are acceptable as well.
A minimum of 2 subject matter certifications is required.
Preferred:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CCSP (Certified Cloud Security Professional)
- CCNA (Cisco Certified Network Associate)
- CCNP (Cisco Certified Network Professional)
- CCDA (Cisco Certified Design Associate)
- CCDP (Cisco Certified Design Professional)
English Language (spoken and written) – Essential, Arabic Language (spoken and written)