To support our continued growth and expansion, we require an interim Information Security Architect with proven experience in delivering security outcomes for critical new projects, business change initiatives, and integrations with business partners.
Responsibilities:
-
Security Design & Technical Controls:
- Provide input into the design and implementation of technical security controls for new projects, critical systems, applications, and integrations.
- Collaborate with Product Engineering, technical operations, and business teams to design secure solutions that align with project objectives and organizational security policies.
- Ensure security controls are effectively integrated into the DevOps pipeline and CI/CD processes.
- Support the implementation of security controls such as firewalls, access controls, encryption, and monitoring systems.
-
Cloud Security Architecture:
- Design and implement secure cloud-based architectures for new services and solutions with a focus on scalability and data protection.
- Provide expertise in configuring and securing cloud environments, ensuring compliance with standards (e.g., ISO 27001, NIST).
-
Security Assessment for Change Initiatives:
- Conduct security impact assessments to identify security risks and recommend controls that align with compliance and business objectives.
- Document security controls for specific projects and systems.
-
Secure Integration with Business Partners:
- Oversee the secure integration of third-party systems and services as part of business partnerships.
- Evaluate partner security frameworks and guide compliance with contractual and regulatory security requirements.
-
Security Testing & Remediation:
- Facilitate security testing activities and analyze results from testing.
- Provide actionable recommendations to enhance security controls.
-
Risk Assessment & Mitigation Strategies:
- Conduct gap analyses of security controls and perform risk assessments.
- Document risks in a formal risk register and report findings.
-
Regulatory Compliance & Data Protection:
- Ensure system architecture and controls align with regulatory requirements (e.g., ISO 27001, PCI DSS, UAE data protection law).
- Define and implement logging, monitoring, and controls to detect unauthorized data access or breaches.
-
Knowledge Transfer and Documentation:
- Develop detailed documentation for deliverables and conduct knowledge transfer sessions with the security team.
Qualifications:
- Bachelor’s or Master’s degree in Information Technology, Computer Science, Cyber Security, IT Architecture, or Software Engineering.
- Preferred certifications: CCSP, CISSP, Azure Security Engineer Associate, Azure Solutions Architect Expert, CISM, CEH, among others.
Experience Requirements:
- 5-10 years of hands-on experience in designing security architectures in cloud environments, particularly Azure.
- Demonstrated ability to deliver security solutions for time-sensitive projects and follow industry best practices.
Skills Requirements:
- Expertise with firewalls, IDS/IPS, SIEM platforms, and vulnerability management solutions.
- Strong understanding of risk management methodologies and regulatory requirements, including data privacy.
Language Requirements:
- English proficiency is required.
This position will significantly contribute to ensuring the organization's security posture and compliance with relevant standards.
Work Conditions: On-site, 6 months contract
Location: Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates
