Cybersecurity Architecture Specialist
Job details
Aramco energizes the world economy.
Aramco occupies a unique position in the global energy industry. We are the world's largest producer of hydrocarbons (oil and gas), with the lowest upstream carbon intensity of any major producer.
With our significant investment in technology and infrastructure, we strive to maximize the value of the energy we produce for the world along with a commitment to enhance Aramco's value to society.
Headquartered in the Kingdom of Saudi Arabia, and with offices around the world, we combine market discipline with a generations' spanning view of the future, born of our nine decades experience as responsible stewards of the Kingdom's vast hydrocarbon resources. This responsibility has driven us to deliver significant societal and economic benefits to not just the Kingdom, but also to a vast number of communities, economies, and countries that rely on the vital and reliable energy that we supply.
We are one of the most profitable companies in the world, as well as amongst the top five global companies by market capitalization.
Overview
We are seeking a Cybersecurity Architecture Specialist to join the Information Security Governance Division of Information Security Department.
The Information Security Governance Division is responsible for providing accountable for ensuring the strategic alignment of Information Security Program with Saudi Aramco's corporate and group objectives including delivery and management of all cybersecurity activities necessary to implement secure by design, Zero Trust, defense in depth approaches and develop and implement Cybersecurity program including strategy, Reference architecture, controls, processes, and standards, frameworks and architecture design patterns that satisfy the requirements of the organization and the business as well to achieve the global cybersecurity strategy objectives. The development and management the global cybersecurity strategy and roadmap. The development and management of the global cybersecurity policies. Manage and Measure cybersecurity culture and positive cybersecurity behavior within the company.
The Cybersecurity Specialist primary role is providing a high level of expertise to secure company's information Technology and Operational Technology (IT/OT) assets from cyber-attacks. The incumbent must be able to translate business risk requirements into cybersecurity specifications. This role provides technical leadership to effectively implement the Governance, Risk, and Compliance (GRC) requirements across all IT/OT areas as part of the continued Cyber Defense activities. Additionally, this role provides technical leadership in the overall Cyber Defense by involving in the Security Design & Architecture, Security Operations, Incident Response, Forensics, Penetration Testing, Network, Systems and Application Security, Risk Management, Red Teaming, Emerging Threat Analysis and Intelligence, Security Automation, Data Analytics & Machine Learning. Effectively, the role applies technical experience to guide projects in these areas to further bolster the security of Saudi Aramco.
Duties & Responsibilities
- Provide Application Security, Cloud Security, Database, Network Security. Working with cybersecurity frameworks and standards such as NIST Cybersecurity Framework (NIST CSF), ISO, 800-53/171...etc to assesses the maturity of an organization's Cybersecurity capabilities.
- Provides project consulting, evaluating proposed solutions including vendor products & services for information security architecture, risks and recommending alternative solutions or compensating controls.
- Performs security architecture / application design reviews of projects, products and solutions and ensures they aligned in accordance with security policies and best practices to meet corporate security requirements.
- Identifies gaps in the current projects security design, cybersecurity reference architecture, architecture design patterns and recommend security enhancements.
- Defines new security architecture patterns for advanced technologies such as IoT, AI, Metaverse...etc.
- Mentors and develops security junior security architects.
Minimum Requirements
- A Bachelor's degree in Computer Science, Cybersecurity or equivalate from a recognized and approved program. Required expert level certificates CISSP, CCIE and CISM.
- Minimum 12 years experience in interrelated field of Info. Technology, including knowledge in Cybersecurity.
- You must have Certified Info Sys Security Professional (CISSP), Certified Information Security Manager (CISM) and CCIE.
- Experience in cloud security, workloads, cabernet, web3, blockchain, network Security, application Security and APIs integration.
- Experience in managing the security of cybersecurity cloud platforms and hybrid cloud environments.
- Experience in developing zero trust security roadmap, capability, architectures and standards.
- Solid Understanding of emerging security threats and designs security reference architecture to mitigate threats.
Working environment
Our high-performing employees are drawn by the challenging and rewarding professional, technical and industrial opportunities we offer, and are remunerated accordingly.
At Aramco, our people work on truly world-scale projects, supported by investment in capital and technology that is second to none. And because, as a global energy company, we are faced with addressing some of the world's biggest technical, logistical and environmental challenges, we invest heavily in talent development.
We have a proud history of educating and training our workforce over many decades. Employees at all levels are encouraged to improve their sector-specific knowledge and competencies through our workforce development programs - one of the largest in the world.
Apply safely
To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.
