Senior Specialist - Security Architecture

Overview:

The Senior Specialist – Security Architecture will serve as an advisor on security best practices and is responsible for designing and effectively implementing project level secure architecture. The Senior Specialist – Security Architecture will design and implement a Security Architecture Framework, based on security-by-design principles, global security standards and ensure all implementations in G42 and its entities comply with this framework.

In this role, you will collaborate with business analysts, infrastructure leads, solutions architects, application owners, security assessment teams, security operations, data privacy team, third party vendors to supports operational needs, aligns with security objectives, validate secure architecture and propose mitigations.

Responsibilities:

•    Develops actionable security blueprints, principles, models, designs, standards and guidelines to ensure enterprise security architecture is aligned with enterprise technology architecture and remains consistent, usable, secure and adds value to the business.
•    Builds consensus around principles of security architecture and interprets and clarifies these principles.
•    Act as the subject matter expert on cloud security, network, endpoint, mobile, and data security by providing guidance and mentorship to teams across the organization.
•    Ensure G42’s Enterprise Security Architecture is aligned with its Enterprise Technology Architecture.
•    Assist in designing sub-components of a larger security architecture or projects with focus and complexity. 
•    Conduct security assessments of existing and proposed systems, identifying gaps and recommending solutions that meet compliance, legal, and risk management requirements.
•    Responsible for proposing security controls for new integrations with existing G42 systems.
•    Evaluate, recommend, and design security for latest technologies including but limited to high performance computing, Artificial Intelligence projects, Blockchain, Confidential computing, hybrid and multi – cloud implementation, Zero Trust technology etc.
•    Evaluate strengths and flaws in security architecture including performance, confidentiality, integrity, availability, access and total cost of ownership.
•    Work with cross-functional stakeholders to define and communicate cyber security requirements to the business in alignment with G42 policies, legal and regulatory requirements, and industry best practices. 
•    Participates in the evaluation, selection and implementation of technology solutions including providing detailed analysis of pros and cons and build vs buy options.
•    Maintains operational, architectural and design documentation including procedures, task lists, and architecture blueprints.
•    Continually works to enhance breadth and depth of knowledge and experience. Benchmarks technology strategies and architectures. Monitors and anticipates trends and investigates organizational objectives and needs. Prepares benchmarking reports and presentations.
•    Promotes implementation of new technology, solutions and methods to improve business processes, efficiency, effectiveness and value delivered to customers.
•    Ability to articulate complex solutions which are comprehensive to the target audience (e.g. technical vs. non-technical).
•    Aptitude to identify, analyze and rationalize risks to ensure decisions made are in the best interest of the business, staff and its customers.
•    Support executive-level security communications and presentations.

Qualifications:

•    Experience: 8+ years of experience in cybersecurity, with a focus on secure design, architecture, and risk assessments.
•    Experience in Securing Architectures: Hands-on experience designing and implementing information security for solutions in large, complex organizations.
•    Deep understanding of cloud-based cybersecurity principles, including encryption, authentication, access control, and network security.
•    Extensive experience in designing and implementing cybersecurity architectures for complex, enterprise cloud environments.
•    Familiarity with common enterprise architecture frameworks including SABSA, OESA, TOGAF and similar.
•    Expertise in cloud security (IAAS, PAAS and SAAS), Identity and access management (IAM), and security information and event management (SIEM) systems.
•    Knowledge of different type of webservices authentication types such as OAUTH, OAUTH2 etc.
•    Knowledge of API Security and service-oriented architectures.
•    Knowledge of NIST CSF, NIST SP 800-53, UAE IA, DESC, ISO27001/27002 and PCI-DSS Standards and Requirements.
•    Azure Platform Knowledge: In-depth understanding of Azure services, features, and capabilities relevant to governance, compliance, and risk management. 
•    Ability to translate research findings into practical solutions that address real-world security challenges.
•    Strong strategic thinking skills, with the ability to develop and execute long-term cybersecurity plans.
•    Ability to lead large-scale cybersecurity initiatives and projects, ensuring alignment with organizational goals.
•    Excellent communication skills, with the ability to present complex technical information to both technical and non-technical audiences.
•    Strong interpersonal skills, with the ability to build relationships and influence stakeholders at all levels of the organization.
•    Experience in collaborating with cross-functional teams, including IT, legal, compliance, and business units.
•    Certifications (preferred but not required): AZ-305 Azure Solutions Architect, Microsoft Security Architect, AWS Certified Solutions Architect, CISSP, CASP+, CySA+, Security+, etc.