Cybersecurity Architect Consultant

ASMO is a groundbreaking joint venture between DHL and Saudi Aramco. Inheriting DHL’s logistics excellence and Saudi Aramco’s extensive supply chain ecosystem, we are here to set a new benchmark and redefine the procurement and supply chain landscape, enabling growth.

ASMO aims to be operational in 2025 and provide reliable end-to-end integrated procurement and supply chain services for companies across the industrial, energy, chemical, and petrochemical sectors. Our focus customers in the short term will be Saudi Aramco and its Affiliates. In the long term, all the industrial sectors within Saudi Arabia aim to reach the MENA region.

Objective:

The role holder is responsible for defining and implementing a comprehensive security architecture framework to protect the organization systems, networks and data. It encompasses the identification of required cybersecurity controls and governing documents to ensure the confidentially, integrity and availability of technology and data assets.

General Responsibilities:

• Review as-is and to-be security architect and develop security roadmaps.
• Assess current technology environment, including applications, cloud, database and network, to identify deficiencies and recommend solutions.
• Stay up to date with emerging security technologies and trends and apply them where appropriate.
• Build cybersecurity architecture for ASMO in alignment to SABSA standards, local regulations, and best practises.
• Build hybrid cloud security architecture in alignment to ASMO business requirements.
• Develop security architecture design patterns to ensure consistency of security architecture throughout the environment.
• Define new security architecture patterns for advanced technologies.
• Assess the maturity of Cybersecurity capabilities against industry standards such as NIST Cybersecurity Framework (NIST CSF), ISO, 800-53/171, etc.
• Assess the security architect of technology projects, identify security requirements and ensures alignment with corporate security policies and best practices.
• Provide project consultation and evaluate security architecture and risks of proposed solutions, including vendor products & services, and recommend alternative solutions or compensating controls.
• Identify gaps in the current project’s security design, cybersecurity reference architecture, architecture design patterns and recommend security enhancements.
• Liaise with key stakeholders from the technology function to gather inputs on the various applications to develop the required security controls.
• Ensure systems are build according to cybersecurity standards and security architecture patterns.
• Contribute to the identification of opportunities for the continuous improvement of systems, processes, and practices to enhance productivity and cybersecurity capabilities maturity.
• Develop and implement all relevant policies, processes, procedures and instructions so that work is carried out in a controlled and consistent manner.
• Contribute to the preparation of timely and accurate cybersecurity reports to meet departmental requirements, policies, and standards.

Qualifications:

• Bachelor’s degree in computer science, cybersecurity, computer engineering, or information technology preferred, or other related fields from a recognized and accredited university.
• Below certifications are preferred:

o SABSA Certification

o Certified Info Sys Security Professional (CISSP)

o Certified Information Security Manager (CISM)

o Certified Information Security Auditor (CISA)

• Demonstrated proficiency in oral and written English.
• Minimum of 9 years’ experience in a similar role.
• Experience in IT Security or Cybersecurity Architecture.

Core Competency:

• Proven experience as an Enterprise Security Architect.
• Excellent working knowledge of how to model threats & risks as well as the controls necessary to mitigate them, on both an organizational and technical level
• A background in at least two general security practices: cloud security in AWS/Azure/OCI, application/API security, firewalls, IDS/IPS, sandboxing, threat intelligence, vulnerability assessment and mitigation, SIEM, auditing, encryption, data loss prevention, threat intelligence, SASE, Zero-trust network access solutions, mobile application/system security.