Senior Manager - Cyber Security Architect (Emirati Talent)

Senior Manager - Cyber Security Architect (Emirati Talent)

Accountable for establishing and governing the enterprise cybersecurity architecture. The role sets the target architecture, standards and roadmap, evaluates and introduces emerging security technologies, and assists in major incident response. The architecture team, under this leadership, conducts threat modeling, design reviews and risk assessments, maintains architecture artifacts, embeds security in the SDLC and change management processes, and handles routine system access and authorization requests. Together they ensure secure systems, stronger resilience and reduced risk. The role aligns all activities with recognised frameworks (ISO 27001, SANS/CIS Controls, NIST CSF, MITRE ATT&CK) and regulatory requirements (Dubai ISR, Dubai Data Privacy Law) to reduce risk and strengthen resilience.

Key Responsibilities

• Enterprise Security Architecture Strategy

  Define and maintain the target security architecture, standards and multiyear roadmap aligned to business objectives and risk appetite.

  Enforce design principles (e.g., secure by design, zero trust, least privilege) and evaluate high risk or exception designs, ensuring mitigations and acceptable residual risk before authorization.

  Direct and quality assure threat modeling, solution design reviews and risk assessments performed by the architecture team using methodologies such as STRIDE and MITRE ATT&CK.

• Secure SDLC Integration

  Embed security requirements, checkpoints and automation (DevSecOps) across the Software Development Life Cycle to ensure consistent secure delivery.

• Change Management Security Oversight

  Integrate security review into change processes, ensuring risk assessment and appropriate controls for technology changes.

• Identity & Access Governance

  Monitor system access and authorization activities, intervening and approving complex or exceptional requests to enforce segregation of duties and least privilege.

• Vendor & Third Party Assurance

  Set architectural security requirements for suppliers and review designs to manage supply chain and integration risks.

• Compliance & Regulatory Alignment

  Ensure architectures meet internal policies and external obligations including Dubai ISR, Dubai Data Privacy Law, ISO 27001 and related standards.

• Metrics & Reporting

  Define and report KPIs/KRIs on architecture adoption, risk reduction and control coverage to senior stakeholders.

• Stakeholder Communication

  Translate complex security architecture issues into clear business impact narratives for executives and project teams.

• Team Leadership

  Lead, mentor and develop the security architecture team, fostering continuous improvement, knowledge sharing and succession readiness.

Qualifications, Experience & Skills

• Essential Qualification: Bachelor degree in Computer Science / Cybersecurity / Security & Networking Technologies.
• Desirable Qualification: Cybersecurity Certifications such as GDSA, CISSP, CISM, SABSA (SCF/SCP), TOGAF.
• Work Experience: 4 - 9 years of work experience in enterprise architecture teams in large, complex environments.