Cyber Security Architect

We are seeking a highly skilled and motivated Cyber Security Architect with strong system, on prem and Cloud Security expertise to oversee and enhance the organization’s internal security architecture, controls, and policies while actively contributing to external security initiatives and projects.

This role combines strategic architecture leadership, hands-on implementation, security research, operations oversight, and cloud security engineering, with a strong focus on Microsoft environments such as Microsoft 365, Microsoft azure , and OS security.

The ideal candidate will possess deep expertise in enterprise security architecture, domain security, on-prem and hybrid infrastructure protection, cloud-native security controls, and DevSecOps integration.

Experience Requirements

• Minimum 7+ years in system and Cloud Security role.
• Proven experience in enterprise security architecture (on-prem + cloud)
• Experience in security research, security operations, and security assurance
• Experience in setting and documenting security processes and procedures in compliance with Qatar NCSA guidelines and security best practices.
• Experience in operating system and infrastructure hardening.

Key Responsibilities

• Design, implement, and maintain enterprise-wide security architecture for the company internal security, user devices, cloud, and hybrid environments.
• Develop and enforce security policies, standards, and procedures.
• Lead security risk assessments and define mitigation strategies.
• Align security controls with business objectives and regulatory requirements.
• Oversee internal security governance and compliance frameworks (ISO 27001, NIST, CIS).
• Architect and secure Azure cloud environments (IaaS, PaaS, SaaS).
• Implement cloud-native and third-party security controls.
• Conduct detailed security assessments of cloud services to ensure compliance with internal policies and industry frameworks.
• Identify and remediate misconfigurations using automated scanning and manual inspection.
• Implement secure cloud architecture patterns and service integrations.
• Contribute to threat modeling and cloud risk assessments.
• Ensure secure hybrid integration between on-prem and Azure environments.
• Secure Active Directory and domain environments.
• Implement GPO hardening and identity security controls.
• Manage IAM, RBAC, MFA, and privileged access strategies.
• Harden Windows/Linux servers and enterprise endpoints.
• Oversee firewall configurations, IDS/IPS, VPN security, and segmentation.
• Implement encryption and data protection strategies.
• Perform vulnerability assessments and coordinate penetration testing.
• Develop scripts and automation tools (PowerShell, Python, Bash) to enhance monitoring and compliance validation.
• Integrate security controls within CI/CD pipelines (DevSecOps practices).
• Monitor emerging threats, tools, and vulnerabilities.
• Evaluate security technologies and recommend improvements.
• Contribute to threat modeling exercises.
• Participate in external security architecture and implementation projects.
• Provide technical advisory for client-facing security initiatives.
• Review third-party security integrations and solutions.
• Support pre-sales security design when required.
• Conduct risk assessments and compliance audits.
• Ensure adherence to CIS Benchmarks, NIST, ISO 27001.
• Develop remediation guidance and contribute to policy development.
• Participate in external security architecture and implementation projects.
• Provide technical advisory for client-facing security initiatives.
• Review third-party security integrations and solutions.
• Support pre-sales security design when required.

Required Technical Expertise

• Deep technical understanding and hands on of:

Cloud & Security Platforms

• Cloud security.
• Data protection strategies
• Zero Trust Architecture

Infrastructure & Systems Security

• Active Directory and Microsoft 365 hardening
• User devices security
• Domain security best practices
• Endpoint security solutions
• Hybrid identity solutions

DevSecOps & Automation

• CI/CD security integration
• Secure coding awareness
• Security automation scripting

Certifications (Required / Strongly Preferred)

• CISSP – Certified Information Systems Security Professional
• CCSP – Certified Cloud Security Professional
• CISM – Certified Information Security Manager
• Microsoft Azure Security Engineer Associate (AZ-500)
• CompTIA Security+ (Foundational)

Education

Bachelor’s degree in Cyber Security, Computer Science, Information Systems, or related field (Master’s preferred).

Job Type: Full-time