img
نوع العقددوام كامل
طبيعة الوظيفةبالموقع
الموقعالرياض

وصف الوظيفة

About the Role

Axelerated Solutions is seeking an Application Security Architect to join its team in Riyadh, Saudi Arabia. This full-time role involves ensuring that enterprise-grade communication platforms comply with National Cybersecurity Authority (NCA) cybersecurity controls, organizational security standards, and secure development best practices. The ideal candidate will possess 5-10 years of experience in application security.

Key Responsibilities

The Application Security Architect will act as the security authority throughout the Software Development Lifecycle (SDLC), ensuring applications meet regulatory, organizational, and security architecture requirements. This includes:

  • Conducting security reviews of application architectures and solution designs.
  • Implementing NCA cybersecurity controls, standards, and guidelines.
  • Defining cryptography, encryption, certificate, and key management requirements.
  • Performing application security assessments and threat modeling.
  • Reviewing authentication, authorization, and secure API security.
  • Preparing security documentation, risk assessments, and compliance reviews.
  • Collaborating with Application Architects, Engineering, QA, Infrastructure, and DevSecOps teams.

Security Architecture and Compliance

This role involves a focus on ensuring robust security architecture and compliance across all applications. Specific duties include:

  • Reviewing application architectures and solution designs for compliance with NCA cybersecurity requirements and organizational standards.
  • Identifying security gaps and recommending appropriate security controls and architecture improvements.
  • Translating NCA Essential Cybersecurity Controls (ECC) and other guidelines into technical application security requirements.
  • Participating in architecture governance activities and security design reviews.
  • Ensuring compliance with approved security standards throughout the project lifecycle.

Cryptography and Risk Management

The architect will be responsible for defining and reviewing cryptographic implementations and managing security risks:

  • Defining cryptographic requirements, including encryption algorithms, certificate management, PKI integration, and key management.
  • Reviewing data protection mechanisms for sensitive information at rest and in transit.
  • Conducting threat modeling and application security architecture assessments.
  • Reviewing findings from SAST, DAST, SCA, penetration testing, and vulnerability assessments.
  • Documenting security risks, compensating controls, and risk acceptance recommendations.
  • Supporting internal and external security audits.

Technical Leadership and Collaboration

This position requires providing technical guidance and fostering secure development practices across teams:

  • Acting as the primary application security advisor for software delivery teams.
  • Collaborating with various engineering and operations teams to integrate security throughout the SDLC.
  • Mentoring engineering teams on secure design principles and application security best practices.
  • Maintaining application security standards, security reference architectures, and reusable security patterns.
  • Monitoring updates to NCA cybersecurity regulations and industry best practices.

Required Qualifications and Skills

Candidates should demonstrate the following qualifications and skills:

  • Experience reviewing enterprise application architectures from a security perspective.
  • Proven experience implementing NCA cybersecurity requirements within software development projects.
  • Familiarity with Agile software delivery environments and participation in security architecture reviews.
  • Strong understanding of application security architecture and secure design principles.
  • Knowledge of authentication, authorization, cryptography, and secure communications.
  • Familiarity with application security testing methodologies and security assessment tools.
  • Experience producing security architecture documentation and security review reports.
  • Strong analytical mindset with attention to detail and risk analysis capabilities.
  • Excellent communication and collaboration skills, with an ability to influence engineering teams and architecture decisions.

متطلبات الوظيفة

  • تتطلب ٥-١٠ سنوات خبرة

وظائف مشابهة