Senior Development Engineer (Back End)
Mashreq Dubai, United Arab Emirates
Aramco Digital Dammam, Saudi Arabia Posted: 05 Aug 2024
About the Job
The Cybersecurity Infrastructure Governance VP is responsible for leading and overseeing the governance of cloud cybersecurity infrastructure within the organization. This role ensures compliance with cloud security standards, technical configuration guidelines, and patch management. Additionally, the Head of Cloud Cybersecurity Infrastructure Governance oversees application security assurance and manages the cloud posture through Cloud Security Posture Management (CSPM) tools. This position plays a critical role in ensuring the security and compliance of the organization's cloud environment.
Responsibilities:
Security Compliance:
Develop and maintain a security strategy and roadmap that aligns with the organization's overall cybersecurity strategy and business objectives, covering Cloud, Network, 5G, IoT, IIoT, and AI. Develop, review, and enforce infrastructure security policies, standards, and procedures for secure cloud usage, data protection, access controls, encryption, and incident response. Collaborate with internal audit teams, external auditors, and regulatory authorities to demonstrate compliance and address audit findings.
Technical Configuration Compliance:
Review enterprise infrastructure architectures, configurations, and deployment models for alignment with industry best practices and defined security frameworks. Establish and maintain technical configuration standards for cloud infrastructure, ensuring adherence to security standards, and overseeing the tracking of changes throughout the IT asset lifecycle. Develop hardening measures to reduce the attack surface and mitigate common security vulnerabilities.
Patch Management:
Oversee the development and implementation of patch management processes for enterprise infrastructure, ensuring timely and effective patching of vulnerabilities. Ensure governance over patch management processes to identify, prioritize, test, and deploy security patches and updates across cloud platforms.
Application Security Assurance:
Oversee the implementation of application security controls and assurance processes in the cloud, including secure coding practices and vulnerability assessments. Define and promote secure coding standards and oversee teams performing static code analysis and dynamic application security testing.
Cloud Security Posture Management (CSPM):
Implement and manage Infrastructure Security Posture Management tools to continuously monitor and assess the security posture of the organization's infrastructure. Guide the team on utilizing automation tools and scripts to automate remediation actions and enforce security controls.
Minimum Qualifications:
Company Overview
Aramco Digital is the digital and technology subsidiary of Saudi Aramco, committed to driving digital transformation and technological innovation across various sectors. The organization aims to create a thriving national digital ecosystem and spearhead AI and digital innovation worldwide.
Mashreq Dubai, United Arab Emirates
Canonical Dubai, United Arab Emirates
Dautom Ajman, United Arab Emirates
Canonical Dubai, United Arab Emirates
Ernst & Young Dubai, United Arab Emirates
Canonical Riyadh, Saudi Arabia
Aramco Digital is the digital and technology subsidiary of Saudi Aramco. Committed to driving digital transformation and technological innovation across various sectors, Aramco Digital aims to create a thriving national digital ecosystem and spearhead AI and digital innovation worldwide.