Cloud Security Consultant

Location: Riyadh, Saudi Arabia

Employment Type: Full-time

Experience: 7+ Years

We are seeking an experienced Cloud Security Consultant to define, implement, and govern cloud security controls in alignment with Saudi regulatory requirements and industry best practices. The role focuses on establishing a cloud security roadmap, strengthening security governance, and ensuring secure cloud architecture for banking and regulated clients.

• Define and maintain a cloud security roadmap, tracking progress against milestones, best practices, and regulatory requirements.

• Review and enhance cloud security policies, standards, processes, and baselines to ensure compliance with regulatory and industry frameworks.

• Ensure alignment with Saudi cybersecurity regulations and frameworks, including NCA Essential Cybersecurity Controls (ECC), NCA Cloud Cybersecurity Controls (CCC), and SAMA Cybersecurity Framework (CSF).

• Design and review secure cloud reference architectures, covering network segmentation, encryption, identity and access management, and workload protection.

• Conduct cybersecurity assessments and reviews of cloud environments against bank and client security baselines.

• Identify security gaps, risks, and remediation actions related to cloud infrastructure and services.

• Collaborate with cloud architects, infrastructure, and security teams to ensure secure-by-design cloud implementations.

• Prepare security assessment reports, risk registers, and compliance documentation.

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field.

• Proven experience as a Cloud Security Consultant or similar role in regulated environments.

• Strong knowledge of cloud security principles, architectures, and controls.

• Hands-on experience working with Saudi regulatory frameworks, including NCA ECC, NCA CCC, and SAMA CSF.

• Experience conducting cloud security assessments for banking or financial services clients.

• Strong understanding of cloud security best practices (network segmentation, encryption, workload protection, IAM).

• Excellent analytical, risk assessment, and problem-solving skills.

• Strong documentation, reporting, and stakeholder communication skills.

• Ability to work independently and manage multiple security initiatives.

• Cloud security certifications (CCSP, CCSK, AWS/Azure/GCP Security).

• Experience with major cloud platforms (AWS, Azure, GCP).

• Familiarity with ISO 27001, NIST, and CIS benchmarks.

• Experience in consulting or professional services environments.