Infrastructure & Security Architect

The Landmark Group began its journey in 1973 with one store in Bahrain and has grown into one of the largest retail and hospitality conglomerates in the Middle East, Africa, and India. Currently, the Group operates over 2,200 outlets, encompassing over 30 million square feet across 21 countries.

Job Purpose

The Infrastructure and Security Architect is responsible for designing, implementing, and maintaining enterprise-wide infrastructure and security architectures that are scalable, resilient, and secure. This role serves as the technical leader for infrastructure strategy, ensuring all systems meet business requirements while adhering to industry best practices and compliance standards.

Key Focus Areas:

• Design Robust Infrastructure: Architect and implement scalable, highly available cloud and on-premises infrastructure solutions aligned with business objectives
• Lead Security Strategy: Establish comprehensive security frameworks, policies, and controls across all infrastructure components
• Drive Innovation: Evaluate emerging technologies and recommend strategic investments to enhance infrastructure capabilities and security posture

Job Description

Infrastructure Architecture

• Design and implement end-to-end infrastructure architectures spanning cloud (Azure, AWS, GCP), hybrid, and on-premises environments
• Define infrastructure standards, patterns, and best practices for compute, storage, networking, and virtualization
• Lead infrastructure modernization initiatives including cloud migration, containerization, and infrastructure-as-code adoption
• Optimize infrastructure performance, scalability, and cost efficiency across the technology estate
• Collaborate with DevOps teams to implement CI/CD pipelines and automation frameworks

Security Architecture

• Develop and maintain enterprise security architecture frameworks covering network, application, data, and endpoint security
• Implement zero-trust security models and defense-in-depth strategies across all infrastructure layers
• Design and deploy security controls including firewalls, intrusion detection/prevention systems, VPNs, and secure access solutions
• Establish identity and access management (IAM) architectures using Azure AD, SSO, MFA, and privileged access management
• Ensure compliance with security standards and regulations (ISO 27001, PCI-DSS, GDPR, NCA-ECC)

Governance & Compliance

• Define and enforce infrastructure and security governance policies, standards, and procedures
• Conduct security risk assessments, vulnerability management, and threat modeling activities
• Implement security monitoring, logging, and incident response capabilities using SIEM and SOC tools
• Manage security certifications, audits, and compliance reporting requirements
• Establish disaster recovery and business continuity plans with defined RPO/RTO metrics

Leadership & Collaboration

• Serve as subject matter expert and technical advisor for infrastructure and security initiatives
• Mentor engineering teams on architecture principles, security best practices, and technology adoption
• Collaborate with enterprise architects, application teams, and business stakeholders to align technical solutions with business needs
• Lead architectural reviews, provide technical guidance, and resolve design conflicts
• Stay current with industry trends, emerging threats, and innovative technologies

Documentation & Knowledge Management

• Create and maintain comprehensive architecture documentation, diagrams, and runbooks
• Document security policies, procedures, standards, and operational guidelines.
• Conduct knowledge transfer sessions and capability building programs for technical teams

Professional Experience :

• 15+ years of experience in infrastructure engineering and architecture roles
• 5+ years in infrastructure and security architecture
• Proven experience architecting and implementing large-scale cloud infrastructure solutions (Azure, AWS, GCP)
• Strong background in network architecture including SDN, load balancing, CDN, and hybrid connectivity
• Hands-on experience with infrastructure-as-code tools (Terraform, ARM templates, CloudFormation, Ansible)
• Deep expertise in security technologies: firewalls, IDS/IPS, SIEM, DLP, endpoint protection, encryption
• Experience with containerization and orchestration platforms (Docker, Kubernetes, AKS, EKS)
• Retail or e-commerce industry experience strongly preferred

Technical Skills

• Cloud Platforms: Azure, AWS, Google Cloud Platform, hybrid and multi-cloud architectures
• Networking: TCP/IP, DNS, DHCP, VPN, SD-WAN, load balancers, application gateways, ExpressRoute/Direct Connect
• Security: Zero-trust architecture, IAM, PAM, SIEM, SOC, vulnerability management, penetration testing
• Infrastructure: Virtualization (VMware, Hyper-V), storage systems (SAN, NAS, object storage), backup solutions
• Automation: PowerShell, Python, Bash scripting, Terraform, Ansible, Azure DevOps, GitHub Actions.
• Monitoring: Azure Monitor, CloudWatch, Prometheus, Grafana, Splunk, etc.

Required Leadership Skills

• Strategic Thinking: Ability to translate business requirements into technical architecture and long-term infrastructure strategy
• Communication: Excellent verbal and written communication skills to articulate complex technical concepts to diverse audiences
• Problem Solving: Analytical mindset with ability to troubleshoot complex infrastructure and security challenges
• Collaboration: Strong team player with experience working across organizational boundaries and with external partners.
• Innovation: Forward-thinking approach to evaluating and adopting emerging technologies and methodologies