Aramco Digital Circular Logo

Cybersecurity Infrastructure Governance Director

Aramco Digital Dammam, Saudi Arabia Posted: 04 Jul 2024


  • Estimate: $160k - $220k*
  • Zero income tax location


  • Office Only
  • Visa Provided


  • Experience: Senior
  • English: Professional


About the job

The Cybersecurity Infrastructure Governance Director is responsible for leading and overseeing the governance of cloud cybersecurity infrastructure within the organization. The role will ensure compliance on cloud security standards, technical configuration guidelines, and patch management. The Head of Cloud Cybersecurity Infrastructure Governance also oversees application security assurance and manages the cloud posture through Cloud Security Posture Management (CSPM) tools and plays a critical role in ensuring the security and compliance of the organization's cloud environment.


  • Security Compliance: Develop and maintain a security strategy and roadmap, aligning it with the organization's overall cybersecurity strategy and business objectives that cover Cloud, Network, 5G, IoT, IIoT, and AI amongst other enterprise-wide infrastructure security requirements. Develop, review, and enforce infrastructure security policies, standards, and procedures to establish guidelines for secure cloud usage, data protection, access controls, encryption, and incident response. Develop risk mitigation strategies, controls, and remediation measures to address identified risks effectively in the cloud. Collaborate with internal audit teams, external auditors, and regulatory authorities to demonstrate compliance and address audit findings. Monitor and analyze cloud incident and threat intelligence data to identify patterns, trends, and potential risks. Use this information to enhance enterprise infrastructure security controls and proactively mitigate emerging threats.

  • Technical Configuration Compliance: Review enterprise infrastructure architectures, configurations, and deployment models on their alignment with industry best practice, defined security frameworks of the organization aligned to regulatory guidelines. Establish and maintain technical configuration standards for cloud infrastructure components, ensuring adherence to security best practices and industry standards and oversee the tracking of changes to IT assets, configurations, and settings throughout their lifecycle. Develop configuration hardening measures to reduce the attack surface and mitigate common security vulnerabilities and misconfigurations. Oversee the documentation of security baseline configurations, standard operating procedures (SOPs), and configuration management plans for IT systems and environments.

  • Patch Management: Oversee the development and implementation of patch management processes for enterprise infrastructure (Cloud, Network, 5G, IoT, IIoT, and AI, etc.), ensuring timely and effective patching of vulnerabilities to mitigate security risks. Ensure governance of patch management processes to identify, prioritize, test, and deploy security patches and updates for operating systems, software applications, firmware components of the cloud infrastructure across cloud platforms (distributed edge, HPC, Sovereign). Ensure the implementation of timely patching of vulnerabilities to mitigate risks.

  • Application Security Assurance: Oversee the implementation of application security controls and assurance processes in the cloud environment, including secure coding practices, vulnerability assessments, penetration testing, and reviewing of firewalls. Define and promote secure coding standards, best practices, and coding guidelines for developers. Oversee the team that performs static code analysis and dynamic application security testing to identify security vulnerabilities, code-level weaknesses, and runtime errors in software applications and guide them in leveraging automated testing tools to assess application security. Define secure configuration management practices for application servers, web servers, databases, and middleware components.

  • Cloud Security Posture Management (CSPM): Implement and manage Infrastructure Security Posture Management tools to continuously monitor and assess the security posture of the organization's Cloud, Network, 5G, IoT, IIoT, and AI, etc. infrastructure. Prioritize and remediate security vulnerabilities, configuration errors, and non-compliant settings to reduce risk exposure and strengthen the security posture of the cloud. Define security baselines and configuration profiles for cloud services and resources, including virtual machines, containers, databases, and storage buckets. Guide the team on utilizing cloud-native automation tools, scripts, and APIs to automate remediation actions and enforce security controls. Coordinate and participate in cloud security audits and assessments to evaluate the effectiveness of security controls, identify gaps, and recommend remediation actions.

Minimum qualifications:

  • Bachelor’s or master’s degree in computer science, information technology, cybersecurity, or a related field required.
  • At least 15 years of experience in working in cybersecurity with proven experience in cloud security governance, technical configuration, compliance, and incident response. At least 4-5 years of experience in leading Cloud Network, 5G, IoT, IIoT, and AI security for a mid to large size organization and proven experience in conducting cloud security assessments. Professional certifications in cloud security, such as CCSP (Certified Cloud Security Professional) or CCSK (Certificate of Cloud Security Knowledge), are highly desirable.
Apply now

Jobs you might like   View all jobs

About Aramco Digital

Aramco Digital is the digital and technology subsidiary of Saudi Aramco. Committed to driving digital transformation and technological innovation across various sectors, Aramco Digital aims to create a thriving national digital ecosystem and spearhead AI and digital innovation worldwide.