, you will define and enforce security-by-design principles across our platforms. You'll partner with engineering, product, and customer-facing teams to build resilient, cloud-native architectures, integrate DevSecOps practices, and ensure our SOC platform aligns with leading security frameworks.
This role is both strategic and practical: shaping security roadmaps, advising leadership, and guiding teams through implementation.
What You'll Do
Design and Lead Security Architecture for COGNNA's multi-tenant SaaS platform, ensuring secure cloud-native deployments across AWS, GCP, and Azure.
Develop and enforce security-by-design principles, integrating them into product architecture, SDLC, and CI/CD pipelines.
Conduct risk assessments, threat modeling, and architecture reviews to identify gaps and propose effective mitigations.
Mentor and guide security engineers, elevating team capabilities in secure development, automation, and operations.
Build defense-in-depth strategies spanning application, infrastructure, and data security layers.
Implement and automate security controls using tools like Terraform, Ansible, SOAR, and CI/CD integrations.
Collaborate with compliance teams to map architectures against standards such as NIST, ISO 27001, and CIS benchmarks.
Partner with product and customer teams to support demos, POCs, and deployment design reviews with enterprise clients.
Stay ahead of threats and innovations, continuously improving our architecture to meet evolving security and regulatory demands.
Support incident response by designing resilient monitoring, detection, and recovery strategies into the architecture.
Requirements
Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Systems, or a related technical field.
7+ years of experience in information security, with at least 3 years in a leadership or security architecture role.
Proven experience leading and mentoring security engineering teams.
Strong background in cloud security (AWS, Azure, or GCP), including architecture, monitoring, and incident response.
Hands-on experience with secure SDLC, DevSecOps practices, and CI/CD security integrations.
Deep understanding of security architecture frameworks (NIST, ISO 27001, CIS, etc.).
Strong knowledge of application, infrastructure, and cloud security controls.
Proficiency with risk assessments, threat modeling, and security reviews.
Experience with security automation and orchestration tools (Terraform, Ansible, CI/CD integrations, SOAR).
Familiarity with IAM, encryption, endpoint security, vulnerability management, and network security.
Knowledge of container and microservices security (Docker, Kubernetes) is a strong plus.
Excellent communication and leadership skills -- able to translate complex architecture into clear guidance for technical and non-technical stakeholders.
Security certifications (e.g., CISSP, CISM, CCSP, SABSA) are highly desirable.
Fluent in English; Arabic proficiency is a bonus.
Willingness to travel for key customer engagements, demos, and industry events.