Cyber Governance – Security Architect Senior Consultant

Almawarid Group

Riyadh, Saudi Arabia

Posted
Ref: SP894-15

Job description / Role

Employment: Full Time

• Execute cybersecurity reviews and identify gaps in Company’s security architecture and generate cybersecurity risk management plans.
• Apply secure configuration management processes.
• Identify and prioritize Company’s critical business functions in collaboration with relevant company stakeholders.
• Analyze candidate architectures, allocate security services, and select security mechanisms.
• Define system security context, concept of operations and baseline requirements in line with Company applicable cybersecurity policies.
• Design detailed functional specifications that document Company’s architecture development process.
• Determine security controls for information systems and networks and document appropriately.
• Define appropriate availability levels for critical system functions and disaster recovery and continuity of operations requirements.
• Develop and integrate cybersecurity designs for systems and networks with multilevel security requirements.
• Develop and address Company’s security architecture and systems security engineering requirements throughout the acquisition life cycle.
• Guarantee that acquired or developed systems and architectures are consistent with Company's cybersecurity architecture guidelines.
• Read and translate technical diagrams, specifications, drawings, blueprints and schematics relating to systems and networks.
• Detect and document security controls for Company systems and networks.

Requirements

Knowledge:
• NCA ECC Standard.
• NIST CSF Framework.
• ITIL & COBIT Standards.
• SABSA Framework.
• Network access, identity and access management, and access authentication methods.
• Operating systems, network traffic protocols, methods, management and systems testing and evaluation methods.
• Application firewall concepts and functions.
• Confidentiality, integrity and availability requirements and data security standards relating to personally identifiable information
• Configuration management techniques, embedded systems and how cybersecurity controls can be applicable to them.
• Network design processes, including security objectives, operational objectives and trade-offs.
• Network hardware devices and functions, network technologies and multi-level security systems and cross domain solutions.

Qualifications:
• Bachelor's degree in computer science, software engineering, information systems, or a related field.
• 7-15 years of experience in information security and IT risk management.
• Experience working with common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT
• CISSP, CISM, CISA, CEH, SABSA Chartered Security Architect, CompTIA Security+ or equal certifications.

About the Company

We are a national group formed on the foundations of social responsibility and building the acquired value with hard work and quality of outputs that contribute to creating a fertile production environment for our esteemed customers so that they can present their work in accordance with standards of balanced performance that ensures continuity and reduces the expected risk.