وصف الوظيفة
Job Summary
We are seeking a dedicated Security Architect to strengthen our banking operations through the design and implementation of robust security solutions. In this pivotal role, you will collaborate closely with cross-functional teams to ensure our systems and applications are fortified against cyber threats. Your expertise will be instrumental in integrating security best practices into our technology infrastructure, safeguarding sensitive financial data, and ensuring compliance with regulatory standards.
As a Security Architect, you will have the opportunity to lead initiatives that protect our digital assets and maintain the trust of our customers. Your contributions will directly impact the resilience and integrity of our banking services in an increasingly complex cybersecurity landscape. If you are passionate about cybersecurity and thrive in a collaborative environment, we invite you to join us in shaping the future of secure banking operations.
BUSINESS BACKGROUND
In the banking sector, ensuring robust cybersecurity measures is imperative to protect sensitive financial data, maintain customer trust and adhere to stringent regulatory requirements. The role of a Security Architect is pivotal in this landscape, responsible for designing and implementing security solutions that safeguard against sophisticated cyber threats such as data breaches, fraud, and malware attacks.
As financial institutions increasingly rely on digital platforms for transactions and client interactions, the Security Architect plays a crucial role in integrating security controls seamlessly into organization’s technology infrastructure. This includes collaborating closely with IT teams, development groups, and compliance officers to ensure that security measures are not only effective but also compliant with industry standards and regulations such as GDPR, PCI-DSS, and local banking regulations.
Moreover, the Security Architect must stay abreast of emerging cybersecurity trends and technologies to proactively address potential vulnerabilities and adapt security strategies accordingly. By maintaining a proactive approach to cybersecurity, the Security Architect helps mitigate risks, protect sensitive financial information, and uphold the integrity of banking operations in an increasingly interconnected digital ecosystem.
Key Responsibilities
KEY STAKEHOLDERS
- Lines of Business and Ventures
- Tech Organization and Platform Owners
- Engineering Teams
- Compliance and Risk Management
- Executive Management
- Audit
- Suppliers and partners
RESPONSIBILITIES
A Security Architect will be responsible for one or more of the following at the same time.
- Create Security Architectures
- Develop comprehensive security architectures for our banking systems, platforms, and applications, ensure they align with industry standard and best practices.
- Automate Security Design
- Implement and manage blueprints templates to standardize and automate security measures and controls across security domains and platforms.
- Establish Security Architecture Methodologies and Frameworks
- Establish security principles, policies, standards, methodologies, and frameworks for various platforms used by the Group to run its business.
- Security Architecture Governance
- Participate in the governance forums of Business Units to ensure Enterprise Security Architecture practices are carried out and provide the necessary support to enable Security Architecture practices within the Lines of Businesses.
- Collaborate with Delivery Teams
- Work closely with development and IT teams to integrate security measures into the software development lifecycle (SDLC), ensuring that security is prioritized from design through deployment.
- Conduct Risk Assessments
- Perform regular risk assessments and vulnerability assessments to identify potential security weaknesses and develop effective mitigation strategies.
- Achieve systemic risk reduction
- Lead security domain practices to create security strategy for the domain, including baseline security architecture, target security architecture, roadmaps, risks and mitigation plans.
- Evaluate and Recommend Security Technologies
- Stay current with emerging security technologies and trends, evaluate their applicability to our environment, and recommend solutions that enhance our security posture
متطلبات الوظيفة
- Bachelor’s degree in computer science, Information Security, or in a related field.
- Candidate should have minimum of 5 years of experience as a Security Architect or in a similar role within information security in the Saudi Arabian banking sector.
- Proven experience as a Security Architect in the following security areas such as Secure Development, API, Container and k8s Security.
- Strong understanding of Secure development lifecycle and practices, CI/CD (e.g. Azure DevOps) as well as Application security. Hands-on experience with integrating security into the development lifecycle and secure development pipelines.
- Knowledge and proven experience in API development using backend for frontend (BFF) design. Familiar with securing API routes and endpoints
- Knowledge and proven experience in creating secure Container image for deploying and running API and Application server
- Have experience in both frontend and backend development.
- Familiarity with Blueprints templates (e.g. Microsoft Cloud Security Benchmark, Azure Security baselines) for designing a Secure Architecture is a plus.
- Excellent analytic and problem-solving skills with a proactive mindset.
- Strong communication skills, capable of conveying complex security concepts to technical and non-technical stakeholders.
- Effective collaboration, capable of working with cross-functional teams, including IT, legal, compliance, and business units.
- Demonstrated ability to adapt to changing technologies, security threats, and business needs, while maintaining a proactive approach to security.