Cyber Security Architect (Security Architecture Analyst)

About the role

We are looking for an experienced Security Architecture Analyst to join our cybersecurity and enterprise architecture function in Riyadh. This on‑site role focuses on secure‑by‑design governance across cloud (OCI) and on‑premise environments, ensuring all technology projects meet security standards and regulatory requirements.

Key responsibilities

• Conduct security architecture assessments for new projects, major changes, and cloud deployments (OCI, microservices, APIs, data platforms).
• Develop and maintain enterprise security design patterns and reference architectures covering network segmentation, IAM, encryption, API security, and data protection.
• Define secure configurations for OCI services, including identity models, network security groups, encryption, and key management.
• Embed security controls into CI/CD pipelines (SAST, dependency scanning, container security, IaC validation).
• Support evaluation and selection of security technologies and ensure architectural alignment.
• Collaborate with SOC, GRC, and Enterprise Architecture teams to integrate monitoring and governance requirements.
• Participate in architecture review boards, documenting decisions, risks, and required design adjustments.
• Produce high‑quality architecture review reports, diagrams, and design rationales.

Required profile

• 7+ years of experience in security architecture, secure‑by‑design reviews, and enterprise security frameworks.
• Strong expertise in cloud security (preferably OCI), microservices, API security, and data protection.
• Deep knowledge of network segmentation, IAM, encryption, and secure third‑party integration.
• Experience integrating security into DevOps/CI‑CD pipelines.
• Strong documentation and architectural governance discipline.

Required skills

• OCI cloud security
• Microservices architecture
• API security
• Data protection and encryption
• Network segmentation
• Identity and Access Management (IAM)
• DevSecOps integration (SAST, dependency scanning, container security, IaC validation)
• CI/CD pipeline security
• Architecture governance and documentation