Cybersecurity Architect

Job Description

Duties & Responsibilities:

Architecture and Design:
• Design and implement enterprise security architecture aligned with business goals and regulatory
requirements.
• Develop and maintain security reference architectures, blueprints, and technical standards.
• Evaluate and recommend new security technologies, tools, and methodologies.
• Integrate security into infrastructure, application development, and cloud environments (AWS,
Azure, GCP).
• Ensure secure configuration of network and system architectures, including identity, access, and
encryption controls.
• Document and address organization’s security architecture, and systems security engineering
requirements throughout the acquisition life cycle.
• Work with agile team members to conduct fast prototyping, feasibility studies and evaluation of
new technologies.
• Ability to design architectures and frameworks in line with security policies and standards.

Risk Management and Assessment:
• Conduct security risk assessments and threat modeling for new systems and projects.
• Perform cybersecurity reviews and identify gaps in security architecture, to develop cybersecurity
risk management plans.
• Identify potential vulnerabilities and design mitigation strategies.
• Collaborate with IT and DevOps teams to ensure security requirements are addressed in system
design and implementation.
• Recommend cost-effective security controls to mitigate risks identified through testing and review.

Governance and Compliance:
• Ensure security architectures comply with relevant frameworks and regulations (e.g., NCA, NIST, ISO
27001, CIS Controls, PCI DSS, GDPR, HIPAA).
• Support internal and external audits by providing evidence of secure design and implementation.
• Develop and maintain security documentation, including standards, procedures, and technical
guides.
Incident Response and Operations Support:
• Provide expert support during security incidents and forensic investigations.
• Collaborate with SOC, Threat Intelligence, and Incident Response teams to improve detection and
response capabilities.
• Activate the incident response plan and coordinate with relevant teams for containment and
mitigation.
• Develop and recommend security automation and orchestration improvements.
Collaboration and Leadership:
• Act as a subject matter expert (SME) in cybersecurity architecture across the organization.
• Mentor and guide junior security engineers and analysts.
• Present security designs and risks to senior leadership in business terms.

Required Skills & Attributes:

• Experience in cybersecurity or IT architecture roles.
• Proven experience designing and implementing enterprise or cloud security solutions.
• Hands-on experience with network security, identity and access management (IAM), and encryption
technologies.
• Experience securing hybrid cloud environments (AWS, Azure, GCP).
• Excellent written and verbal communication skills.
• Deep understanding of cybersecurity principles, frameworks, and technologies.
• Strong knowledge of network architecture, firewalls, VPNs, and intrusion detection/prevention
systems.
• Experience with SIEM, SOAR, and endpoint protection platforms.
• Knowledge of secure coding practices and application security (DevSecOps).
• Excellent analytical, organizational, and documentation skills.
• Ability to translate complex technical issues into business-relevant risks.
• Detail-oriented with a proactive approach to problem-solving.
• Good interpersonal skills.
• Good problem solving and negotiation skills.
• Flexible to travel to other client Group or Clients sites/Branches.

Technical Training & Certifications:

To ensure maintaining his achieved advanced certifications in related track/field.
To be able to pursue new technical tracks, diversifying his technical knowledge and expertise; such as:
• Certified Information Security Manage (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• SABSA (Sherwood Applied Business Security Architecture)
• TOGAF (The Open Group Architecture Framework)
• Vendor-specific cloud certifications (AWS Security Specialty, Azure Security Engineer, etc.)