Senior Security Architect
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Acuative Middle East seeks a Security Architecture & GRC Lead to lead security architecture and governance initiatives. The role defines security standards, conducts secure design reviews, drives Zero Trust, and ensures GRC alignment.
Key Skills for This Role
Responsibilities
- Develop and maintain the organization's cybersecurity architecture strategy, standards, and reference architectures
- Review and approve solution architectures to ensure compliance with security policies and industry best practices
- Define security requirements for new technologies, applications, cloud services, and infrastructure projects
- Lead security architecture reviews for new and existing systems
- Conduct threat modeling and security design assessments
- Define and maintain enterprise network segmentation strategies
- Lead the design and implementation of Zero Trust Architecture (ZTA)
- Ensure security architecture aligns with organizational risk management and compliance requirements
- Support risk assessments for new technologies and architectural changes
- Provide technical security consultation to business and technology stakeholders
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related field
- 7+ years of experience in cybersecurity, with at least 3 years in security architecture, enterprise security, or GRC
- Demonstrated experience designing secure enterprise, cloud, and hybrid architectures
- Strong understanding of security governance and architecture review processes
- Experience leading cross functional security initiatives
Full Job Posting
Job Summary
- The Security Architecture & GRC Lead is responsible for leading the organization's security architecture and governance initiatives.
- Ensures security is embedded into the design, implementation, and operation of business and technology solutions.
- Focuses on defining security architecture standards, conducting secure design reviews, driving network segmentation and Zero Trust initiatives, and ensuring alignment with GRC requirements.
Security Architecture
- Develop and maintain the organization's cybersecurity architecture strategy, standards, and reference architectures.
- Review and approve solution architectures to ensure compliance with security policies and industry best practices.
- Define security requirements for new technologies, applications, cloud services, and infrastructure projects.
- Ensure security controls are incorporated throughout the system development lifecycle (SDLC).
- Provide technical guidance on secure architecture patterns for on premises, cloud, and hybrid environments.
- Evaluate emerging technologies and recommend secure implementation approaches.
- Maintain architecture documentation, standards, and security design patterns.
Secure Design Reviews
- Lead security architecture reviews for new and existing systems.
- Conduct threat modeling and security design assessments.
- Identify architectural risks and recommend mitigation strategies.
- Validate compliance with security architecture standards before production deployment.
- Review application, network, cloud, and infrastructure designs.
- Collaborate with project teams to integrate security early in project lifecycles (Shift Left).
- Review security exceptions and provide risk based recommendations.
Network Segmentation & Zero Trust
- Define and maintain enterprise network segmentation strategies.
- Lead the design and implementation of Zero Trust Architecture (ZTA).
- Develop security zoning and trust boundary models.
- Review micro segmentation and software defined perimeter (SDP) implementations.
- Define identity based access models aligned with Zero Trust principles.
- Collaborate with network and cloud teams to implement secure connectivity models.
- Ensure least privilege access and continuous verification principles are embedded across enterprise environments.
Governance, Risk & Compliance (GRC)
- Ensure security architecture aligns with organizational risk management and compliance requirements.
- Support risk assessments for new technologies and architectural changes.
- Develop and maintain security architecture standards, policies, and technical baselines.
- Provide technical input into governance forums and architecture review boards.
- Support internal and external audits related to security architecture and technical controls.
- Review and approve security related exceptions and compensating controls.
Collaboration & Advisory
- Partner with Enterprise Architects, Infrastructure, Cloud, Network, and Application teams throughout project delivery.
- Provide technical security consultation to business and technology stakeholders.
- Mentor engineering teams on secure architecture principles and security best practices.
- Participate in technology selection and vendor security evaluations.
- Support incident response teams by providing architectural guidance during major security incidents.
Continuous Improvement
- Monitor emerging cybersecurity threats and evolving architecture practices.
- Review and update security architecture standards regularly.
- Promote automation and security by design practices.
- Drive continuous improvement of enterprise security architecture maturity.
- Support adoption of modern security technologies and frameworks.
Required Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related field.
- 7+ years of experience in cybersecurity, with at least 3 years in security architecture, enterprise security, or GRC.
- Demonstrated experience designing secure enterprise, cloud, and hybrid architectures.
- Strong understanding of security governance and architecture review processes.
- Experience leading cross functional security initiatives.
Technical Skills
- Enterprise Security Architecture, Secure Solution Design, Security by Design, Threat Modeling, Security Architecture Reviews, Security Reference Architectures, IAM, PAM, API Security, Container and Kubernetes Security, Cloud Security Architecture (AWS, Azure, OCI, GCP).
- Network Segmentation, Micro Segmentation, Zero Trust Architecture (NIST SP 800 207), SDP, SDN, Firewalls, NGFW, Secure Remote Access, NAC, VPN, DNS Security.
- Security Policies and Standards, Security Control Frameworks, Risk Assessments, Technical Risk Analysis, Security Exceptions Management, Control Validation, Compliance Assessments, Security Baselines.
Knowledge Areas
- Zero Trust Architecture (NIST SP 800 207), SABSA, TOGAF (preferred), ISO/IEC 27001 and ISO/IEC 27002, NIST CSF, NIST SP 800 53, CIS Critical Security Controls, OWASP ASVS and Top 10, SSDLC, CSA Cloud Controls Matrix, MITRE ATT&CK Framework.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Acuative Middle East
Power BI Developer
Jeddah, KSA
Acuative Middle East is seeking a highly skilled Power BI Developer to design, develop, and maintain enterprise reporting and BI solutions. The role requires strong experience in Power BI, SQL, data visualization, report
Network Security Architect
Jeddah, KSA
Acuative Middle East is hiring a Network Security Architect to administer, operate, and improve network and infrastructure security. The role focuses on firewalls, IPS, secure connectivity, and enterprise security infras
Compliance Manager
Jeddah, KSA
Acuative Middle East seeks a Compliance Manager (GRC Lead) to lead cybersecurity governance, risk management, and compliance. The role requires expertise in NCA ECC, NIST CSF, ISO 27001, and ICAO standards, with at least
Endpoint & Email Security Engineer
Jeddah, KSA
We are seeking an Endpoint & Email Security Engineer to operate, administer, and optimize endpoint and email security platforms. The role involves monitoring, investigating, and remediating security incidents, managing s
Senior Security Architect
Jeddah, KSA
Acuative Middle East seeks a Senior Security Architect to define and advance cybersecurity architecture across enterprise, cloud, network, and application environments. The role leads secure design reviews, Zero Trust Ar
Risk & Governance Analyst
Jeddah, KSA
Acuative Middle East is seeking a Risk & Governance Analyst to support its cybersecurity GRC program in Jeddah. The role involves managing the risk register, conducting control assessments, and supporting compliance with
Security Operations Manager
Jeddah, KSA
Acuative Middle East seeks a Security Operations Lead to manage the SOC, oversee security analysts, and drive incident response. The role requires 7+ years of cybersecurity experience with at least 3 years in a senior SO
Power BI Developer
Jeddah, KSA
Acuative Middle East seeks a Power BI Developer to design, develop, and maintain enterprise reporting and BI solutions. The role requires strong experience in Power BI, SQL, data visualization, and Python scripting, with
Power BI Developer
Jeddah, KSA
Network Security Architect
Jeddah, KSA
Compliance Manager
Jeddah, KSA
Endpoint & Email Security Engineer
Jeddah, KSA
Senior Security Architect
Jeddah, KSA
Risk & Governance Analyst
Jeddah, KSA
Security Operations Manager
Jeddah, KSA
Power BI Developer
Jeddah, KSA