Security Architect
Job Highlights
• Master’s or Bachelor’s degree in Computer Science, Information Systems Engineering, or a related field from an accredited institution.
• Proven banking domain experience
• Preference will be given to local candidates currently based in KSA
10+ years of experience in the banking sector , preferably from Saudi banks.
• Hands-on experience of working on Enterprise Level Next-Gen Firewalls (NGFW), IDS/IPS, NAC, WAFs, DDoS Protection and leading cybersecurity solutions.
• Experience of working on Building practical Zero Trust Frameworks that move beyond the perimeter, implementing Zero Trust Network Access (ZTNA), SASE, Micro-segmentation , and Passwordless Authentication.
• Experience to Design and Architect the cyber defense by optimizing SOC technologies, specifically SIEM, SOAR, and XDR (e.g., Microsoft Sentinel, Splunk)
• Experience of working on the EDR/XDR Strategy to ensure every endpoint functions as a self-defending node, utilizing platforms like CrowdStrike, Sentinel One, Trellix or Microsoft Defender etc.
• Experience of working on enterprise class vulnerability management tools (Tenable, Qualys, or Rapid7) to transform scan data into prioritized business actions.
• Experience of working on Identity Governance, managing PAM and identity management for large-scale enterprise environments to eliminate administrative credential abuse.
• Familiar with designing Data Privacy Controls to ensure compliance with KSA PDPL and SAMA, utilizing DLP tools, Automated Data Discovery, and Hardware Security Modules
• Experience with PKI Solutions and automated certificate management to handle large-scale SSL/TLS deployments and robust encryption standards (AES-256, RSA, ECC).
• Familiarity with cloud security architectures
• Knowledge of securing emerging technologies like AI and defenses for LLMs and AI workloads.
• Familiar with security regulator’s requirements ( NCA, SAMA, PCI-DSS )
• Deep hands-on experience with enterprise vendors including Palo Alto, Fortinet, Cisco, Sailpoint, Symantec, IBM, Redhat, VMware, EMC, Recorded Future, Group IB, DigiCert, and Trellix etc.
• Expertise in designing based on emerging threats, with a focus on Identity Threat Detection and Response (ITDR) and hybrid-cloud connectivity.
• Build and maintain robust WAF (Web Application Firewall) policies to protect critical web applications from Layer 7 attacks and zero-day exploits
Broad experience on designing defense in depth and defense in breath in larger scale enterprise environment keeping in protection form Layer 1 to Layer 7 and zero days attacks and respective controls.
