Enterprise Security Architect

About the role

The Enterprise Security Architect is responsible for designing, implementing, and maintaining secure systems and infrastructure, with a primary focus on safeguarding cloud environments and critical applications.

Key responsibilities

• Define, design, and evolve enterprise‑wide security architecture, reference models and patterns such as Zero Trust across network, application, data and cloud domains.
• Lead quarterly cloud security governance and architecture for Azure and Microsoft 365, ensuring compliance, secure configuration and monitoring.
• Perform weekly threat modelling, risk assessments and vulnerability analyses to identify design gaps and recommend mitigations.
• Manage the weekly Data Loss Prevention (DLP) program, including strategy, implementation and tuning.
• Oversee weekly Microsoft M365 E5 security platform management, including UEM, MDM, EDR, DLP, IAM and SIEM.
• Design and govern daily Identity and Access Management (IAM) framework, covering MFA, SSO and RBAC.
• Develop and maintain daily security policies, standards and guidelines aligned with NIST, ISO 27001 and UAE IA requirements.
• Research, evaluate and roadmap new security technologies (EDR, XDR, CASB) on an annual basis.
• Provide monthly architectural support to the Security Operations Center during incident response.
• Communicate security strategy and risk to stakeholders on a monthly basis as the senior security SME.

Required profile

Required skills

• Microsoft M365 E5
• Endpoint Detection and Response (EDR)
• Security Access Service Edge (SASE)
• Firewalls and Web Application Firewalls
• Azure cloud platform
• Microsoft 365
• Intrusion Detection/Prevention Systems (IDS/IPS)
• Virtual Private Network (VPN)
• Data Loss Prevention (DLP)
• Unified Endpoint Management (UEM)
• Mobile Device Management (MDM)
• Identity and Access Management (IAM)
• Multi‑Factor Authentication (MFA)
• Single Sign‑On (SSO)
• Role‑Based Access Control (RBAC)
• Zero Trust architecture
• NIST framework
• ISO 27001
• UAE IA regulatory standards
• Extended Detection and Response (XDR)
• Cloud Access Security Broker (CASB)
• Security Information and Event Management (SIEM)