AL-Khaleej is hiring for a bank in Riyadh a Security Architect who has below qualifications.
10+ years of experience in the banking sector, preferably from Saudi banks. Hands-on experience of working on Enterprise Level Next-Gen Firewalls (NGFW), IDS/IPS, NAC, WAFs, DDoS Protection and leading cybersecurity solutions. Experience of working on Building practical Zero Trust Frameworks that move beyond the perimeter, implementing Zero Trust Network Access (ZTNA), SASE, Micro-segmentation , and Passwordless Authentication. Experience to Design and Architect the cyber defense by optimizing SOC technologies, specifically SIEM, SOAR, and XDR (e.g., Microsoft Sentinel, Splunk) Experience of working on the EDR/XDR Strategy to ensure every endpoint functions as a self-defending node, utilizing platforms like Crowd Strike, Sentinel One, Trellix or Microsoft Defender etc. Experience of working on enterprise class vulnerability management tools (Tenable, Qualys, or Rapid7) to transform scan data into prioritized business actions. Experience of working on Identity Governance, managing PAM and identity management for large-scale enterprise environments to eliminate administrative credential abuse. Familiar with designing Data Privacy Controls to ensure compliance with KSA PDPL and SAMA, utilizing DLP tools, Automated Data Discovery, and Hardware Security Modules Experience with PKI Solutions and automated certificate management to handle large-scale SSL/TLS deployments and robust encryption standards (AES-256, RSA, ECC). Familiarity with cloud security architectures Knowledge of securing emerging technologies like AI and defenses for LLMs and AI workloads. Familiar with security regulator’s requirements ( NCA, SAMA, PCI-DSS ) Deep hands-on experience with enterprise vendors including Palo Alto, Fortinet, Cisco, Sailpoint, Symantec, IBM, Redhat, VMware, EMC, Recorded Future, Group IB, Digi Cert, and Trellix etc. Expertise in designing based on emerging threats, with a focus on Identity Threat Detection and Response (ITDR) and hybrid-cloud connectivity. Build and maintain robust WAF (Web Application Firewall) policies to protect critical web applications from Layer 7 attacks and zero-day exploits Broad experience on designing defense in depth and defense in breath in larger scale enterprise environment keeping in protection form Layer 1 to Layer 7 and zero days attacks and respective controls.