Senior Security Architect

Arab Banking Corporation

Strategies:

• Develop and own a security strategy and deliver end-to-end including planning and roadmap development.

Incident Management:

• Support incident response and security operations by providing architectural insights.

Architecture Documentation:

• Design and develop high level security architecture documents.
• Develop architecture patterns to address multiple / differing use cases.
• Develop and enhance Architecture Building Blocks (ABBs) and Solution Building Blocks (SBBs) and design architectures mapping to these building blocks
• Write comprehensive reports including documenting existing architecture and defining baseline and target architecture in terms of components, integration and capabilities, and aligning with business requirements.
• Prepare and document standard operating procedures and protocols.
• Prepare technical and business architecture documentation, as per the defined frequency, and keep it in a clear way to support the Bank and ensure it remains compliant all year round.
• Work in a team environment to educate and analyse security architectures and help develop other activities for reviewing and monitoring mandatory security controls.

Product Responsibilities:

• Will be the Product Owner, supporting the senior security architect in Product Owner responsibilities regarding specific security tools under the remit of the team.
• Will be the Product Owner for Microsoft security solutions with hand-on experience of MS Purview, Azure, AWS Security stack and security solutions, ensuring correct configuration, issues identified and resolved, develop processes/procedures and follow up on alerts
• Will be the Product Owner for HSM solution, ensuring correct configuration, issues identified and resolved, develop processes/procedures and manage associated activities (key life cycle management)
• Will be the Product Owner for Microsoft AIP solution, ensuring correct configuration, issues identified and resolved, develop processes/procedures and manage associated activities (classification labelling, handling DLP alerts)
• Will be the Product Owner for Bluecoat proxy / Fireglass solution, ensuring correct configuration, issues identified and resolved, define policies, develop processes/procedures and manage associated activities.

Key Responsibilities:

• Product Ownership & Collaboration : Support the Senior Security Architect as the Product Owner for specific security tools within the team's domain.
• Microsoft Security Solutions : Serve as the Product Owner with expertise in: MS Purview , Azure Cloud, Active Directory, Defender, O365 Security and Microsoft AIP solutions
• Ensure proper configuration and timely resolution of issues
• Develop and implement effective processes and procedures
• Good knowledge of activities and solving challenges relating to classification, labeling, and handling Data Loss Prevention (DLP)
• Continuously monitor and follow up on security alerts
• HSM Solution Management : Oversee the Hardware Security Module (HSM) as Product Owner:
• Ensure accurate configuration
• Identify and resolve issues efficiently
• Develop and manage processes and procedures
• Responsible for key lifecycle management

Note : Candidates should possess a solid understanding of security solutions and demonstrate effective problem-solving skills to ensure the seamless operation and integration of the security tools and solutions.

Job Requirements

Knowledge

• Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services
• Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premises and cloud
• Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
• Deep knowledge of network, application, cloud and data security best practices
• Understanding of architecture frameworks (e.g. TOGAF, SABSA)
• Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
• Detailed technical knowledge of operating system and Cloud CIS baseline
• Good knowledge of low-level and high-level security architecture design and development
• Good understanding of security design patterns
• Familiarity with regulatory and compliance requirements (e.g., CBB, GDPR, ISO 27001, PCI-DSS, SOC2)
• Broad understanding of the Information Security domains: Infrastructure Security, Access Management, Physical Security, Application Security, Security Compliance, and IT Change Management

Education / Certifications

• University degree with an IT and / or Cyber Security background
• Recognized and active Information Security and platform qualifications (e.g., CISSP, CISM, EC Council or SANS related certifications, AWS or other cloud specific certifications).

Desirable Certifications: GIAC Defensible Security Architecture

Experience

• At least 8 years of work experience
• 3+ years of direct hands-on experience on configuring technical security solutions and working with Cloud Service Providers (including Azure, Office 365 and AWS) ideally within financial services
• Experience with threat modelling tools and methodologies (e.g., STRIDE, DREAD, MITRE ATT&CK)
• Experience in working with cryptographic solutions (e.g. HSM)
• Experience in developing high level architecture for the cloud and hands-on experience designing secure architectures in cloud environments (AWS, Azure, GCP)
• Strong understanding of IAM, MFA, authentication protocols (OAuth, SAML, OpenID Connect) and able to configure well known Security Solutions in this domain.
• Experience in securing APIs, containers and microservices
• Experience with network security and networking technologies and with system, security, and network monitoring tools
• Recent, full-time working experience with financial institutions
• Practical experience on working with cloud technologies and implementing security in hybrid and multi-cloud scenarios.