Infrastructure Security Architect

About the Role

We are seeking a highly skilled Infrastructure Security Architect to join the Architecture Unit of one of Saudi Arabia’s largest banks. This team is driving the design and protection of the bank’s hybrid infrastructure, spanning on-premises data centers, private cloud, and public cloud environments.

This is a hands-on, senior-level role requiring deep technical expertise in infrastructure and cloud security, with a strong background in banking or regulated financial environments. You will define, implement, and govern secure architecture standards that safeguard the bank’s critical systems and digital assets.

Key Responsibilities

Architecture & Strategy

• Design and maintain secure hybrid infrastructure architectures integrating on-prem, private cloud, and public cloud (OCI / Azure / GCP).
• Define security reference architectures, baseline configurations, and zero-trust network models.
• Collaborate with enterprise architects to ensure security-by-design across infrastructure initiatives.

Hands-On Implementation & Hardening

• Deploy and configure security controls for firewalls, WAF, IDS/IPS, DDoS protection, Email & API security gateways, VPN, NAC, endpoint protection, IAM, and SIEM solutions.
• Harden operating systems, databases, virtualization, and container environments.

Cloud & Virtualization Security

• Secure workloads across VMware, Hyper-V, and container platforms (Kubernetes, OpenShift).
• Integrate cloud-native security controls into multi-cloud environments.

Security Monitoring & Response

• Collaborate with SOC teams to enhance detection, alerting, and incident response.
• Integrate SIEM / SOAR tools for threat monitoring and correlation.
• Lead root-cause analysis and drive security remediation initiatives.

Compliance & Risk Management

• Ensure adherence to SAMA CSF, NCA ECC, SWIFT CSP, PCI DSS, and NIST standards.
• Develop audit-ready documentation, security blueprints, and policy frameworks.
• Conduct threat modeling and define risk mitigation strategies.

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• 12+ years of hands-on experience in infrastructure security and network architecture.
• Proven experience in the financial or regulated sectors (preferably banking).
• Expertise in:

• Firewalls, WAF, IDS/IPS, DDoS, secure email gateways, API gateways, and SIEM.
• VPN, SD-WAN, and endpoint protection (EDR/XDR, NAC).
• Virtualization and container platforms.
• Cloud security across OCI, Azure, and/or GCP.

Preferred Certifications

• CISSP, CCSP, CISM, or equivalent cloud architecture certifications (OCI / Azure / GCP).