JOB PURPOSE / ROLE:
Provide deep subject-matter expertise to SIMAH’s cybersecurity architecture and assurance function, ensuring that all technology systems, applications, and infrastructure are designed, deployed, and maintained securely in alignment with SIMAH’s cybersecurity strategy, regulatory obligations, and industry best practices.
AREAS OF RESPONSIBILITY:
Strategic:
- Develop and direct the implementation of the Cybersecurity Architecture strategy ensuring alignment to SIMAH vision, mission, and corporate objectives.
Policies, Processes & Procedures:
- Follows all relevant departmental policies, processes, standard operating procedures, and instructions so that work is carried out in a controlled and consistent manner.
Day-to-day operations:
- Plan, manage, and supervise both remote and onsite security testing across SIMAH’s IT infrastructure to proactively detect configuration weaknesses, vulnerabilities, and design flaws.
- Ensure all acquired, developed, and implemented systems conform to SIMAH’s cybersecurity architecture standards and regulatory frameworks, including SAMA CSF and NCA ECC requirements.
- Enhance application security assessment processes, including secure code reviews, vulnerability scanning, and penetration testing, ensuring alignment with recognized industry standards and SIMAH’s internal methodology.
- Collaborate with IT and relevant stakeholders to design and execute controlled offensive security exercises such as physical security tests, wireless network assessments, and social engineering campaigns (e.g., simulated phishing).
- Provide expert security reviews of application and infrastructure designs (covering web, mobile, APIs, and microservices) to validate adherence to secure architecture and design best practices.
- Define, review, and approve security requirements throughout the software development lifecycle (SDLC), ensuring that security artefacts, documentation, and controls are embedded from design to deployment.
- Monitor periodic security posture assessments of SIMAH’s infrastructure, servers, databases, networks, and cloud environments, identifying risks, evaluating control effectiveness, and recommending mitigation strategies.
- Provide expert guidance in defining security architecture requirements for new initiatives, ensuring alignment with SIMAH’s cybersecurity strategy, regulatory mandates, and technology roadmap.
- Drive maturity enhancement of the cybersecurity architecture and assurance practices by adopting new frameworks, tools, and methodologies to strengthen SIMAH’s overall security resilience.
Continuous Improvement and Innovation:
- Support overseeing the overall Cybersecurity Architecture activities within SIMAH and continuing the progress within the department.
- Periodically assess the employee relation processes and ensure the processes are complete.
People Management:
- Ensures subordinates have clear objectives, regular performance feedback sessions, formal annual appraisals, and individual development plans, with particular emphasis on the development of talented Saudi national staff.
Reporting:
- Assists in the preparation of timely and accurate reports of SIMAH to meet company and department requirements, policies, and standards.
QUALIFICATIONS & EXPERIENCE:
Minimum Qualifications:
- Bachelor’s degree in Computer Science, Cybersecurity, or a related discipline.
- Professional qualifications or certifications such as SABSA, CISSP, CISM, OSCP, or GIAC-GDSA are preferred.
Minimum Experience:
- 6-8 years of progressive experience in cybersecurity architecture, assurance, or offensive security roles.
Language:
SOFT SKILLS & TECHNICAL KNOWLEDGE AREAS:
- Technology controls and emerging threats
- Risk and Control Self-Assessment
- Knowledge of security implementations and IT risks
- Knowledge of business continuity and disaster recovery
- Quality management
- Delegation abilities
- Compliance & Regulatory Requirements
- Analytical Ability
- Business Acumen
- Decision Making
- Critical Thinking skills