Cyber Security Architecture Lead

Job purpose / role:

To participate in development and sustaining an effective cyber security architecture on enterprise level, which outlines the cyber security requirements in the enterprise architecture based on industry best practices and regulatory standards such as PCI, ISO 27001, SAMA, etc. and addresses the security design principles for developing cyber security capabilities. To design and oversees the development, implementation, and configuration of cybersecurity systems and networks. 

Areas of responsibility:

Policies, Processes & Procedures

• Implements approved departmental policies, processes, procedures and provides instructions to subordinates and monitors their adherence so that work is carried out in a controlled manner

Day- to-day operations

• Implements the day-to-day operations assigned for the Security Landscape function to ensure compliance with the established standards and procedures

CIS Architecture & Engineering

• Participates in the appropriate implementation of CIS architecture framework
• Participates in defining design principles for developing cyber security controls and applying cyber security requirements
• Ensures security within and across architecture disciplines
• Participates in ensuring seamless security integration & alignment with other frameworks (including TOGAF, ITIL, ISO27000 series, Zachman, DoDAF, Cobi, NIST, etc. as applicable to the Riyad Bank)
• Participates in assessment of cyber security capabilities and its coverage
• Ensures CIS standards incorporate the regulatory requirements such as PCI, ISO27001, and SAMA, etc.
• Ensures security requirements are captured and security controls are suggested as part of security architecture’s engagement in business and BTD initiatives
• Aligns CIS objectives with key business and technology strategies
• Ensures alignment of security requirements with security capability matrix
• Identifies security design gaps in existing and proposed architectures and recommend changes/enhancements
• Works closely with other functional area architects and security specialists to ensure adequate security controls are in place throughout the implementation of systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements
• Participates in reviews of new technologies, architecture initiatives, and security products
• Leads the evaluation and development of secure solutions, based on secure design principles
• Assesses information system’s secure design
• Participates in cyber threat landscape management assessments

Continuous Improvement

• Contributes to the identification of opportunities for continuous improvement of systems, processes and practices taking into account ‘international best practice’, improvement of business processes, cost reduction and productivity improvement

Reporting

• Prepares departmental reports of Riyad Bank timely and accurately to meet the bank and department requirements, policies and standards

Committees and Meetings

• Represents the function and actively contributes in various committees/meetings (internal and external) as applicable and per authority levels in order to ensure relevant matters are dealt with in a timely and efficient manner

Safety, Quality & Environment

Complies with all relevant safety, quality and environmental management policies, procedures and controls to ensure a healthy and safe work environment

Related Assignments      

Performs other related duties or assignments as directed within the confinement of the departmental roles and responsibilities. 

• Excellent knowledge of banking BT systems and applications
• Very good knowledge of the banking operations and requirements
• Knowledge of local laws and regulations related to cyber and information security
• Knowledge of international standards PCI\SOX\EMV            
• In depth knowledge and understanding information security management and development of relevant tools and systems
• Very good knowledge of the programming languages and systems used by the Bank
• Excellent knowledge of the SDLC process and components
• Knowledge of SABSA, ISO 27001, TOGAF, ITIL and COBIT frameworks
• Excellent knowledge of security risk assessments. 
• Good understanding of security landscape
• Experience of developing web and mobile application security standards and its implementation
• Hands on experience on perimeter security controls – firewall, IDS/IPS, network access control, and network segmentation
• Good understanding of security concepts related to DNS, routing, authentication, VPN, proxy services and DDoS mitigation technologies
• Knowledge of API security, container security, and cloud security requirements
• In-depth experience in the following:
• Metadata management
• Asset management
• Change management
• Microservice architecture
• Data leakage/content monitoring and filtering
• Cloud access security broker
• Configuration of web application firewalls
• Information Assurance
• Information Systems/Network Security
• Information Technology Assessment
• Cyber Security Laws and Regulations
• Risk Management
• Systems Testing and Evaluation
• Vulnerability Assessment
• Familiarity with source code management tools
• Familiarity with securing data across SaaS and IaaS cloud platforms
• Familiarity with securing data across multiple database technologies