Cybersecurity Application and Cloud Architecture Advisor - SMP

NEOM • Contract • شرماء, SA • 3w ago

***Clarification on SMP Contract: It is Supplementary Manpower service contract job in which prospective applicants are interviewed and salary determined by NEOM interview panel; and being employed under the payroll of SMP Contract (SMP Vendor). Successfully mobilized candidates would be under the visa sponsorship of SMP Vendor Company/Contract.

ROLE OVERVIEW

The Application and Cloud Architecture Advisor will play a critical role in developing and maintaining the Reference Security Architecture to protect NEOM’s digital assets, systems, and data. This position will ensure that cybersecurity architecture aligns with and fulfils business objectives, compliance requirements, and industry best practices.

ROLE COMPETENCIES & ACTIVITIES

The Cybersecurity Application and Cloud Architecture Advisor responsibilities will include, but not be limited to::

Function-specific Responsibilities

Develop, maintain, and periodically review the Reference Security Architecture following the SABSA framework.
Gathering business requirements for Cybersecurity solutions, and translating this into security architecture design.
Assist in evaluating and recommending security vendors, technologies, tools, and solutions to enhance NEOM’s security posture.
Ensuring that Cybersecurity solutions meet enterprise security architecture requirements.
Supporting GRC to ensure Cybersecurity architecture, solutions, services and platforms used by NEOM are compliant with NCA and other regulatory requirements.
Defining baseline/benchmark/checklist for Cybersecurity Control Reviews.
Work closely with the rest of the CEA team to deliver CEA function’s service catalogue to a high standard.
Build relationships, and work closely with key stakeholders across and outside NEOM.
Act as a Subject Matter Expert for Cybersecurity and provide consultation to internal and stakeholders on technical issues and matters related to CEA.
Ensuring security architecture is in line with the latest trends and developments in Cybersecurity.
Developing best practices security architecture for security controls and non-security controls.
Defining security architecture for IT, IT-OT, Multi-Cloud, Hyper Cloud and emerging technology e.g. AI, Machine Learning , Blockchain, IoT.
Creating cybersecurity architecture standards to support NEOM RSA – Reference Security Architecture.
Designs and oversees the development, implementation and configuration of cybersecurity systems and networks.
Perform cybersecurity reviews and identify gaps in security architecture, to develop cybersecurity risk management plans.
Collaborate with software development teams to integrate security practices into the software development lifecycle (SDLC).
Creating best practice configuration standards that follow industrial benchmark (e.g CIS benchmark)..

EXPERIENCE & QUALIFICATIONS

REQUIREMENTS SUMMARY:

Expert knowledge in SABSA Framework for developing risk-driven enterprise cybersecurity architecture.
Expert knowledge in design principles and approaches such Zero Trust Architecture, Defense in Depth, Secure By Design, Cybersecurity Mesh design requirements.
Previously worked in large organizations with complex cybersecurity requirements.
Exposure to rigorous cybersecurity regulations and standards.
In-depth knowledge of security principles, best practices, and emerging trends.
Service-oriented; able to fulfil business and stakeholder requirements to the highest standards.
Strong communication skills.
Ability to work in a dynamics and deadline-driven environment.
Focused on delivering high quality work. Sound knowledge on TOGAF framework and its Architecture Development Method (As one of our primary roles is to work with NEOM Enterprise Architect and map the EA to ESA)
Sound knowledge of Governance, Risk and Compliance (GRC) practices. (Supporting GRC to ensure Cybersecurity architecture, solutions, services and platforms used by NEOM are compliant with NCA and other regulatory requirements.)
Sound knowledge in Threat Modeling and Threat Intelligence techniques. (As part of operationalizing the Blueprint is to develop design patterns which require knowledge for the thread modeling).
Knowledge of integrating the organization’s goals and objectives into the system architecture.
Knowledge of organization's cybersecurity-relevant evaluation and validation criteria.
Knowledge of architectural concepts and patterns.
Knowledge of system protection planning measures.
Knowledge of multi-level security systems and cross domain solutions
Knowledge of the principles of cybersecurity and privacy.
Knowledge of business practices within organizations.
Knowledge of best practice analysis principles and methods.
Knowledge of cybersecurity and privacy principles and organizational requirements.
Knowledge of IT security principles and methods.
Knowledge of relevant legislative and regulatory requirements.
Adaptive and flexible mindset to respond to evolving cybersecurity threats and business needs.
Ability to employ best practices when implementing cybersecurity controls within a system.
Ability to analyze vulnerability and configuration data to identify cybersecurity issues.

Qualifications

Minimum 8 years’ experience in cybersecurity or information technology disciplines; in particular, cybersecurity architecture.

General Knowledge, Skills, and Experience

Strong leadership skills, with a proven track record in leading and motivating large cybersecurity teams in a complex organizational environment.
Excellent communication skills, capable of effectively articulating complex cybersecurity concepts to a variety of audiences, including non-technical stakeholders.
Strong collaboration skills, with experience in building partnerships across business units and external entities.
Proven experience in budgeting, financial planning, and resource allocation for cybersecurity initiatives.
Demonstrated ability to manage multiple projects and priorities in a dynamic and rapidly changing environment.
Strong organizational skills, with a focus on detail and the ability to oversee complex cybersecurity operations.
Adaptive and flexible mindset to respond to evolving cybersecurity threats and business needs.
Knowledge of relevant cybersecurity aspects of legislative and regulatory requirements, relating to ethics and privacy.

Required academic achievements: