NHC تعلن عن وظيفة مدير هندسة وهيكلة الأمن السيبراني في الرياض

Job Purpose:

Lead and oversee the design, implementation, and management of NHC’s cybersecurity architecture and engineering functions. Ensure the development of secure systems and applications, effective cryptographic key management, and robust cloud and hosting security. Provide advisory and consultation services, manage security solutions architecture, and oversee cybersecurity service delivery to protect NHC information assets and support business objectives.

Organizational Responsibilities

Reports To:

Cybersecurity Director (CISO)

Scope of Supervision:

• Enterprise Security Architecture Team Members
• Cybersecurity Engineering Team Members

Key Duties and Responsibilities

1) Advisory & Consultation

• Provide expert cybersecurity advice to internal and external stakeholders.
• Align cybersecurity architecture and strategies with business objectives.
• Conduct cybersecurity assessments and recommend improvements.

2) Cybersecurity Service Management

• Oversee delivery of cybersecurity services in line with organizational and compliance requirements.
• Manage SLAs and ensure timely resolution of cybersecurity issues.
• Monitor and report performance of cybersecurity services.

3) Security Architecture & Engineering

• Lead the design and implementation of secure architecture for systems and applications.
• Ensure security solutions are scalable, resilient, and aligned with best practices.
• Integrate security into the system development lifecycle (SDLC).
• Translate business and technical requirements into secure architectural designs.

4) Systems & Applications Security Management

• Manage and enforce security controls across systems and applications.
• Ensure systems and applications are protected against evolving threats.
• Implement secure configuration and hardening standards.

5) Cryptographic Key Management

• Oversee cryptographic key lifecycle management.
• Develop and maintain key management policies and procedures.
• Ensure compliance with cryptographic standards and regulations.

6) Cloud Computing & Hosting Security

• Ensure the security of cloud and hosting environments.
• Implement and manage cloud security controls and best practices.
• Conduct regular security assessments for cloud environments.

7) Compliance & Regulatory Alignment

• Ensure compliance with NCA and other cybersecurity regulations and standards.
• Monitor regulatory changes and update policies and controls accordingly.
• Conduct periodic compliance assessments and audits.

8) Continuous Improvement

• Continuously enhance cybersecurity architecture, policies, and practices.
• Stay updated with emerging cybersecurity trends and technologies.
• Lead initiatives to improve overall security posture.

9) Collaboration & Reporting

• Work closely with the CISO to align cybersecurity initiatives with organizational goals.
• Provide periodic reports on architecture and engineering activities.
• Collaborate with other cybersecurity teams to enhance security maturity.

Stakeholder Relationships

Key Internal Stakeholders

• NHC Cybersecurity Department
• Cybersecurity Director (CISO)
• IT Department
• Business Units and System Owners

Key External Stakeholders

• Regulatory Bodies (e.g., NCA)
• Vendors and Technology Partners
• Government and Industry Forums

Job Requirements

Education

• Bachelor’s degree in Cybersecurity, IT, Computer Science, or related field.
• MBA is preferred.

Professional Experience

• 6+ years of relevant experience in cybersecurity architecture and engineering.
• Strong expertise in defining security principles, methodologies, and architectural models.
• Hands-on experience securing cloud and hosting environments.
• Experience in secure configuration management and technical requirement translation.
• Experience in implementing and managing cryptographic key management systems.
• Ability to assess and enhance organizational cybersecurity architecture.
• Strong knowledge of NCA standards, SABSA framework, and other security frameworks.

Preferred Certifications

• CISSP (ISSAP preferred)
• CISM
• GCAD
• CCSP
• SSCP
• SABSA Chartered Practitioner (SCP)