Cloud Security Architect lead

Main Job Purpose:

Evaluate, architect and implement Cloud-based solutions from Cybersecurity perspective in a large scope environment covering business solutions and applications to mitigate risks and protect corporate assets from external attacks.

Conduct security & risk assessment of new/existing Cloud-based infrastructure, systems, and services, identify risks, propose proper mitigations, guide and collaborate with different stakeholders, teams and business functions to apply those mitigations and improve Cloud security posture.

Objectives:

Architect, evaluate and Improve security architecture of Cloud-based solutions.

Participate in new Cloud-based projects and recommend best practices.

Improve security posture of apps/systems by implementing CASB/DLP solutions.

Assess & mitigate risks associated with Cloud infrastructure and services.

Improve data & application security based on regular risk assessment.

Communicate with stakeholders to build secure Cloud architect & mitigate risks.

Prepare proposals of new projects and engage with external vendors & CSP.

Accountabilities:

Evaluate, architect and implement Cloud-based solutions and applications covering multiple business functions in a hybrid large scope environment, knowledge of Cloud migrations approaches, deployment methodologies and participate effectively in new projects.

Conduct security and risk assessment of Cloud-based Infrastructure, applications, services and technologies, identify risks, propose proper mitigations and communicate with stakeholders and different business functions regarding findings & proper mitigations.

Evaluate, architect and improve data security & application security technologies like WAF/OWASP protection, encryption at REST, in Transit, in display (masking), key management, identity and access management, network security within SaaS, IaaS, PaaS, and other cloud environments.

Assess and recommend Cloud architecture methodologies like Cloud native architecture, monolithic architecture, and microservices architecture.

Collaborate with business stakeholders to enforce information security principles (CIA Triad), network security, APIs security and SDLC security best practices.

Creates and maintains architecture diagrams and documentation of Hybrid Cloud-based solutions and business applications.

Engage with external vendors, third parties, and Cloud service providers to prepare proposals of new projects and initiatives.

Assess and recommend Key Vaults, Secret Management systems like Azure Key Vault, HSM, PKI, Trusted Certificate Authorities.

Working Environment:

The position follows the normal working environment of the organization.

Indoor: This position is mainly indoor.

Outdoor: Based on business needs.

Competencies & Skills: 

Teamwork skills.

Communication skills.

Learning abilities.

Growth mindset

Positive Attitude & Culture

Organizational skills.

Responsibility & Ownership

High Quality of work

Actively listening skills.

Improvement initiatives

Stakeholder management

English Language proficiency

Education:

Computer Engineering, Communication Engineering, Computer Science, or an equivalent academic graduation degree.

Cloud certifications like Azure Security Technologies Engineer (AZ-500), Azure

Solutions Architect Expert (AZ-303 + AZ-304), Azure Cloud Administrator (AZ-

104), Azure Network Engineer (AZ-700), Microsoft Active Directory certificate.

Information Security certification is preferred, CCAK, CCSK, CCSP, SSCP, CISSP, CISA, CompTIA Cloud+, CompTIA Network+, CompTIA Security+.

Basic Knowledge of information security industry, regulatory and compliance standards such GDPR, PCI-DSS, ISO 27001, NIST CSF, NIST RMF is highly desired.

Experience:

Minimum 7 years of Experience in Information Technology or Information Security field, specifically three years of them focusing on Cloud Security.

Proven Cloud experience with Microsoft Azure Cloud including IaaS, PaaS, SaaS, Azure AD, SQL DB, VMs, APP Services, VNET, NSG, NVA, Firewall, WAF, DDoS, VPN Gateway, API Gateway, Storage Account, Defender for Cloud (Azure Security Center), Defender for Cloud APPs (CASB/MCAS), Volume Storage (Managed Disks), Cryptography keys management and Encryption algorithms.

Solid knowledge of Microsoft 365 technology stack including Exchange online, SharePoint online, Teams, OneDrive, M365 Security center, M365 Compliance center, Defender for Endpoint, Intune MDM/MAM, Hybrid SCCM.

Evaluate, architect, and implement Cloud-based solutions and applications covering multiple business functions in a hybrid large scope environment, knowledge of Cloud migrations approaches, deployment methodologies and participate effectively in new projects.

Conduct security and risk assessment of Cloud-based Infrastructure, applications, services, and technologies, identify risks, propose proper mitigations and communicate with stakeholders and different business functions regarding findings & proper mitigations.

Languages:

English Fluent

Arabic Fluent