Information Security Architect

To support our continued growth and expansion, we require an interim Information Security Architect with proven experience in delivering security outcomes for critical new projects, business change initiatives, and integrations with business partners.

Location: Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates
Job Type: 6 months contract, on-site

Responsibilities:

• Security Design & Technical Controls:

  • Provide input into the design and implementation of technical security controls for new projects, critical systems, applications, and integrations.
  • Collaborate with Product engineering, technical operations, and business teams to design secure solutions that align with project objectives and organizational security policies.
  • Ensure security controls are effectively integrated into the DevOps pipeline and CI/CD processes.
  • Implement security controls such as firewalls, access controls, encryption, and monitoring systems.

• Cloud Security Architecture:

  • Support the design and implementation of secure cloud-based architectures for new services and solutions.
  • Provide expertise in configuring and securing cloud environments according to relevant standards (e.g., ISO 27001, NIST).

• Security Assessment for Change Initiatives:

  • Conduct security impact assessments for new and existing change initiatives to identify security risks and recommend controls.
  • Define and document security controls for specific projects and systems.

• Secure Integration with Business Partners:

  • Oversee the secure integration of third-party systems and applications.
  • Evaluate partner security frameworks and provide compliance guidance.

• Security Testing & Remediation:

  • Scope and facilitate security testing activities, including penetration testing and vulnerability assessments.
  • Analyze testing results and recommend remediation actions.

• Risk Assessment & Mitigation Strategies:

  • Conduct gap analyses of security controls and configurations.
  • Document risks in a formal risk register and report findings to the Infosec Director and project stakeholders.

• Regulatory Compliance & Data Protection:

  • Ensure system architecture and technical controls align with regulatory requirements (e.g., ISO 27001, PCI DSS, UAE data protection law).
  • Support data protection efforts by mapping and classifying sensitive data.

• Knowledge Transfer and Documentation:

  • Develop detailed documentation for all deliverables.
  • Conduct knowledge transfer sessions with the security team.

Qualifications:

• Bachelor’s or master’s degree in information technology, Computer Science, Cyber Security, IT Architecture, or Software Engineering.
• Preferred certifications:
  • Certified Cloud Security Professional (CCSP)
  • Certified Information Systems Security Professional (CISSP)
  • Azure Security Engineer Associate
  • ISO27001 Lead Implementer or Lead Auditor

Experience Requirements:

• 5-10 years of hands-on experience in designing and implementing security architectures within cloud-based environments.
• Experience in information security and securing cloud environments, ideally Azure.
• Proven ability to implement security controls for cloud services.

Skills Requirements:

• Expertise in firewalls, IDS/IPS, SIEM platforms, and vulnerability management solutions.
• Familiarity with cloud-native security tools and regulatory requirements.

Language Requirements:

• Proficiency in English.

This is an exciting opportunity for professionals looking to advance their careers in the field of information security within a growing organization.