On-site Full Time
--
Axelerated Solutions

Job Details

Application Security Architect Department: Application Architecture Location: Riyadh, Saudi Arabia Employment Type: Full-Time Experience Required: 5+ Years Industry: Communication Platforms Seniority Level: Senior / Lead About the Role We are looking for an experienced Application Security Architect to join our growing team working on enterprise-grade communication platforms. In this role, you will ensure applications comply with National Cybersecurity Authority (NCA) cybersecurity controls, organizational security standards, and secure development best practices. Working alongside Application Architects, you will review solution architectures, identify security gaps, define required security controls, cryptographic requirements, and security mechanisms, while providing security recommendations before implementation. You will act as the security authority throughout the Software Development Lifecycle (SDLC), ensuring applications meet regulatory, organizational, and security architecture requirements. What You’ll Work OnSecurity review of application architectures and solution designs Implementation of NCA cybersecurity controls, standards, and guidelines Security architecture governance and design assurance Cryptography, encryption, certificate, and key management requirements Application security assessments and threat modeling Authentication, authorization, and secure API security reviews Security documentation, risk assessments, and compliance reviews Cross-functional collaboration with Application Architects, Engineering, QA, Infrastructure, and Dev Sec Ops teams Key Responsibilities Security Architecture Review Review application architectures and solution designs produced by Application Architects to ensure compliance with NCA cybersecurity requirements and organizational security standards Identify security gaps and recommend appropriate security controls and architecture improvements Review authentication, authorization, session management, logging, auditing, encryption, and secrets management implementations Provide security recommendations and architecture approval prior to implementation Security Controls & Compliance Translate NCA Essential Cybersecurity Controls (ECC) and other applicable NCA guidelines into technical application security requirements Define application security controls required to satisfy regulatory and organizational security obligations Participate in architecture governance activities and security design reviews Ensure application architectures comply with approved security standards throughout the project lifecycle Cryptography & Data Protection Define cryptographic requirements including encryption algorithms, certificate management, PKI integration, TLS configurations, hashing algorithms, digital signatures, and key management Review data protection mechanisms to ensure appropriate protection of sensitive information at rest and in transit Ensure cryptographic implementations comply with organizational and regulatory requirements Security Assessment & Risk Management Conduct threat modeling and application security architecture assessments Review findings from SAST, DAST, Software Composition Analysis (SCA), penetration testing, and vulnerability assessments Document security risks, compensating controls, and risk acceptance recommendations where applicable Support internal and external security audits Technical Leadership & Security Governance Act as the primary application security advisor for software delivery teams Collaborate with Application Architects, Software Engineers, QA, Infrastructure, and Dev Sec Ops teams to integrate security throughout the SDLCMentor engineering teams on secure design principles and application security best practices Maintain application security standards, security reference architectures, and reusable security patterns Monitor updates to NCA cybersecurity regulations and industry best practices, ensuring security standards remain current Requirements Experience & Background5+ years of experience in Application Security, Security Architecture, Secure Software Development, or related cybersecurity roles Experience reviewing enterprise application architectures from a security perspective Experience implementing NCA cybersecurity requirements within software development projects Experience working within Agile software delivery environments Experience participating in security architecture reviews and technical governance activities Technical Skills Strong understanding of application security architecture and secure design principles Experience reviewing application architectures against NCA cybersecurity requirements Knowledge of authentication, authorization, cryptography, and secure communications Familiarity with application security testing methodologies and security assessment tools Experience producing security architecture documentation and security review reports Soft Skills Strong analytical mindset with attention to detail and risk analysis Excellent written and verbal communication skills in English (Arabic is a plus) Ability to communicate technical security risks to both technical and business stakeholders Strong collaboration skills with a proven ability to influence engineering teams and architecture decisions Education & Certifications A Bachelor’s degree in Computer Science, Cybersecurity, Information Security, Software Engineering, or a related field is required. A Master’s degree is a plus. Preferred Certifications ISC² Certified Information Systems Security Professional (CISSP) ISC² Certified Secure Software Lifecycle Professional (CSSLP) GIAC Web Application Penetration Tester (GWAPT) Offensive Security Web Expert (OSWE) (Preferred) Certified Secure Software Programmer (GSSP) or equivalent application security certification

Similar Jobs

About Axelerated Solutions
Saudi, Jeddah
Information Technology and Services