Senior Security Architect

Arab Banking corporation

Posted 30+ days ago

Experience

3 - 6 Years

Job Location

Bahrain - Bahrain

Education

Bachelor of Technology/Engineering(Computers)

Nationality

Any Nationality

Gender

Not Mentioned

Vacancy

1 Vacancy

Job Description

Roles & Responsibilities

Job Purpose

The Senior Security Architect will play a key role in building and maintaining IT security solutions and controls for the Bank across new and emerging domains, including Cloud and Innovation. The role will involve developing end-to-end security for Bank ABC and handling any technical problems that arise. The Senior Security Architect will identify IT threats and vulnerabilities, design and build robust security architectures and serve as the security point person for technical and business security concerns.
The job holder will be architecting and managing change and implementation with existing and new technologies, reusing when appropriate and implementing when required.
The job requires in-depth knowledge and hard skills (e.g. secure cloud architecture, cryptographic practices, protocols, network and platform security etc.) as well as strong soft skills (e.g. communication and presentation skills, stakeholder management) and a good amount of hands-on previous work experience demonstrating these.

Principal Responsibilities, Accountabilities and Deliverables of Role

Research & Planning:
  • Plan, research and design robust enterprise-wide security architectures for any IT or business projects aligned with industry frameworks (e.g. SABSA, TOGAF, NIST, CSA, ISO 27001)
  • Develop threat use cases / scenarios to clearly depict threats to security architecture.
  • Aligning new security solutions with existing technologies and designing and planning integration.
  • Lead and coordinate assessment of existing and target / implemented architecture.

Cost, Planning, Project Management:
  • Prepare cost estimates and identify integration issues for solutions and architectures
  • Develop and maintain security reference architectures and roadmaps
Engineering:
  • Understanding of Security Engineering outputs and able to oversee and incorporate into security planning
  • Able to incorporate security measures into the existing, resultant or target architecture.
  • Collaborate with DevOps, Cloud, and IT teams to embed security into CI/CD pipelines and infrastructure (DevSecOps)

Designing:
  • Define and maintain technical security patterns for secure systems and applications
  • Design high level and low-level security architecture to meet business and technical requirements
  • Design public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures
  • Identify and reuse security solutions and consider integration with other tools when designing security solutions.

Key Responsibilities:
  • Product Ownership & Collaboration:
    • Support the Senior Security Architect as the Product Owner for specific security tools within the team s domain.
  • Microsoft Security Solutions:
    • Serve as the Product Owner with expertise in:
      • MS Purview, Azure Cloud, Active Directory, Defender, O365 Security and Microsoft AIP solutions
      • Ensure proper configuration and timely resolution of issues
      • Develop and implement effective processes and procedures
      • Good knowledge of activities and solving challenges relating to classification, labeling, and handling Data Loss Prevention (DLP)
      • Continuously monitor and follow up on security alerts
  • HSM Solution Management:
    • Oversee the Hardware Security Module (HSM) as Product Owner:
      • Ensure accurate configuration
      • Identify and resolve issues efficiently
      • Develop and manage processes and procedures
      • Responsible for key lifecycle management

Desired Candidate Profile


Job Requirements
Knowledge

  • Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services
  • Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premises and cloud
  • Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
  • Deep knowledge of network, application, cloud and data security best practices
  • Understanding of architecture frameworks (e.g. TOGAF, SABSA)
  • Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
  • Detailed technical knowledge of operating system and Cloud CIS baseline
  • Good knowledge of low-level and high-level security architecture design and development
  • Good understanding of security design patterns
  • Familiarity with regulatory and compliance requirements (e.g., CBB, GDPR, ISO 27001, PCI-DSS, SOC2)
  • Broad understanding of the Information Security domains: Infrastructure Security, Access Management, Physical Security, Application Security, Security Compliance, and IT Change Management
Education / Certifications
  • University degree with an IT and / or Cyber Security background
  • Recognized and active Information Security and platform qualifications (e.g., CISSP, CISM, EC Council or SANS related certifications, AWS or other cloud specific certifications).
  • Desirable Certifications: GIAC Defensible Security Architecture
Experience
  • At least 8 years of work experience
  • 3+ years of direct hands-on experience on configuring technical security solutions and working with Cloud Service Providers (including Azure, Office 365 and AWS) ideally within financial services
  • Experience with threat modelling tools and methodologies (e.g., STRIDE, DREAD, MITRE ATT&CK)
  • Experience in working with cryptographic solutions (e.g. HSM)
  • Experience in developing high level architecture for the cloud and hands-on experience designing secure architectures in cloud environments (AWS, Azure, GCP)
  • Strong understanding of IAM, MFA, authentication protocols (OAuth, SAML, OpenID Connect) and able to configure well known Security Solutions in this domain.
  • Experience in securing APIs, containers and microservices
  • Experience with network security and networking technologies and with system, security, and network monitoring tools
  • Recent, full-time working experience with financial institutions
  • Practical experience on working with cloud technologies and implementing security in hybrid and multi-cloud scenarios.
Personal attributes
  • Strong team player
  • Fluent in English (mandatory)
  • Ability to organise and prioritise tasks
  • Able to conduct the role with minimum supervision
  • Strong communication skills capable of dealing with wide range of internal and external stakeholders articulating security risks in business-friendly terms.

Company Industry

  • Banking
  • Financial Services
  • Broking

Department / Functional Area

  • System Administration
  • Network Administration
  • Security (IT Software)

Keywords

  • Senior Security Architect

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com

Arab Banking corporation

https://bankabc.applytojob.com/apply/Hydu1oBwJL/Senior-Security-Architect

Similar Jobs

Security Architect

Senior Manager- Information Security & Data Privacy Governance Officer

IT Risk & Security Analyst

ICONIC IT CONSULTING SERVICES L.L.C

  • 8 - 12 Years
  • Abu Dhabi - United Arab Emirates (UAE)
View All