Job Description

Job Category: NES Job Group
:
We are seeking a highly skilled and experienced Senior Cloud Security Architect who will also primarily contribute to Cloud Security Governance initiatives. The ideal candidate will possess a strong blend of technical expertise, strategic thinking, and leadership capabilities to design, implement, and govern secure cloud environments aligned with organizational objectives.As a key member of the second line of defense (LOD-2), This person will ensure robust cloud security policies, frameworks, and best practices are implemented across the organization. This person will collaborate with cross-functional teams, including Technology, compliance, risk management, and business units, to drive security governance while aligning with regulatory and business requirements
Responsibilities:

• Design and implement secure cloud architectures across multi-cloud environments (e.g., AWS, Azure, GCP).
• Assess and integrate cloud-native security controls and technologies, ensuring optimal protection for critical assets.
• Provide expert guidance on secure application and infrastructure development in the cloud.
• Conduct cloud threat modeling, risk assessments, and vulnerability assessments to identify and mitigate risks.
• Collaborate with DevOps teams to ensure secure CI/CD pipelines and promote secure coding practices.
• Develop and maintain cloud security policies, standards, and frameworks aligned with industry standards (e.g., ISO 27001, NIST, CSA CCM).
• Establish governance processes to monitor and enforce compliance with cloud security policies.
• Evaluate and implement cloud compliance automation tools to ensure adherence to regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS).
• Conduct regular cloud security audits and assessments to identify gaps and drive continuous improvement.
• Act as the primary liaison for cloud security governance with internal and external stakeholders
• Define the strategic roadmap for cloud security and governance, aligning with organizational goals.
• Lead cross-functional teams to build a security-first culture within the cloud ecosystem.
• Stay updated with emerging cloud security trends, threats, and technologies, recommending proactive measures.
• Provide executive-level reporting on cloud security posture, risks, and mitigation strategies.
• Mentor and guide junior team members, fostering a culture of continuous learning and improvement.

Qualifications:
Experience:

• Total experience in Cybersecurity 12-15 years.
• Experience in cloud security 6-8 Years
• Experience in the banking or financial services industry.
• Experience implementing security governance frameworks and managing cloud compliance programs
• Proven experience in leading and influencing diverse technical and non-technical teams.
• Proven experience in DevSecOps, automation, and continuous integration/deployment (CI/CD) security practices.
• Strong experience with programming/scripting languages (e.g., Python, Terraform, ARM) for automation and security integration.
• Knowledge of container security and orchestration (e.g., Docker, Kubernetes).
• Proficiency in Information security concepts.

Skills:

• Strong understanding of cloud security tools CNAPP, SSPM, KSPM, SASE).
• Hands-on experience with infrastructure-as-code (IaC) tools (e.g., Terraform, CloudFormation) and security of IaaC.
• In-depth knowledge of industry standards and regulations (PCI-DSS, ISO 27001, NIST, CSA, GDPR, HIPAA, etc.).
• Strong understanding of risk management and mitigation strategies for cloud environments
• Strong problem-solving and analytical skills in cloud environment.
• Excellent communication skills for interacting with development and operations teams and presenting findings to senior management.
• Familiarity with security-focused DevOps tools (e.g., Jenkins, GitLab CI, Docker, Kubernetes).
• Ability to align security initiatives with business objectives and articulate ROI of security investments.

Certifications:

• Cloud-specific: AWS Certified Security Specialist, Azure Security Engineer Associate, Google Professional Cloud Security Engineer.
• Governance and risk: CISM, CRISC.
• Security: CISSP, CCSP.
• DevOps: Certified Kubernetes Administrator (CKA), DevSecOps Practitioner.

About Us:
The leading financial institution in MENA
While more than half a century old, we proudly think like a challenger, startup, and innovator
in banking and finance, powered by a diverse and dynamic team who put customers first.
Together, we pioneer key innovations and developments in banking and financial services.
Our mandate? To help customers find their way to Rise Every Day, partnering with them through
the highs and lows to help them reach their goals and unlock their unique vision of success.
Delivering superior service to clients by leading with innovation, treating colleagues with dignity and fairness while pursuing opportunities that grow shareholders value.
We actively contribute to the community through responsible banking in our mission to inspire more people to Rise.

Skills Required