Cybersecurity Architecture Consultant Application & Network side

We have an urgent requirement for a Cybersecurity Architecture Consultant – Application & Network side with experience in the Banking Domain for a client based in Riyadh.

Candidate should be able to review the architecture design from a cybersecurity perspective (applications or network), identify weaknesses, and recommend action plans to mitigate them. Detailed understanding of network and application architecture is required. Strong experience in data security management & access management, and extensive banking experience, are mandatory.

We are seeking a Cybersecurity Architect with deep banking domain expertise to design, assess, and govern security architectures for mission‑critical financial systems. The role owns end-to‑end security design across network, application, and data layers, ensuring data security management aligns with regulatory and enterprise standards.

• Lead cybersecurity architecture for core banking, payments, digital channels, and treasury systems.
• Define security blueprints for network segmentation, zero trust, identity, encryption, and data protection.
• Translate banking business flows into threat models and security controls.
• Provide expertise in network architecture: DMZ design, micro‑segmentation, firewalls, WAF, DDoS, SD‑WAN, and secure cloud connectivity.
• Design network security controls for on‑prem, AWS/Azure, and hybrid environments; review and harden topologies for core banking and SWIFT.
• Own data security strategy: classification, encryption at rest/in transit, tokenization, masking, key management, and DLP.
• Design controls for PII, PCI‑DSS, and regulatory data residency; define secure data flows across internal systems, third parties, and cloud.
• Conduct cybersecurity architecture reviews for new projects and major changes; identify risks, design gaps, and non‑compliance with standards.
• Chair security design forums and provide signed‑off architecture decisions; ensure alignment with SABSA, TOGAF, and bank security policies.
• Apply deep understanding of banking operations (core ledgers, payments ISO 20022, card schemes, treasury, trade, digital onboarding) to secure transaction flows and settlement systems.
• Partner with Risk, Compliance, and Audit to address regulatory requirements (MAS TRM, RBI, GDPR, PCI‑DSS, SWIFT CSCF).
• Guide engineering and infra teams on secure implementation patterns; define security requirements, reusable patterns, and guardrails; review HLD/LLDs and provide guidance on secure coding, IaC, and container security.

• Experience:
  
  5+ years in cybersecurity, 3+ years hands‑on in banking or financial services architecture.
• Banking Knowledge:
  Detailed understanding of banking processes, transaction life cycles, and financial messaging; experience with core banking systems such as Temenos, Finacle, or FIS.
• Network Security:
  Expert in network architecture (routing, switching, firewalls, IDS/IPS, proxies, VPN, NAC, segmentation); cloud network security in AWS/Azure.
• Data Security:
  Strong background in data security management (encryption, HSM/KMS, DLP, CASB, database security, privacy engineering).
• Architecture Review:
  Demonstrated experience performing threat modeling (STRIDE/DREAD) and security architecture reviews; ability to sign off or reject designs based on risk.
• Frameworks: TOGAF, SABSA, NIST 800‑53, ISO 27001, MITRE ATT&CK.
• Relevant
  
  Certifications:
  
  CISSP or CISM; TOGAF, SABSA SCF, or Open CA;
  Cloud Security (AWS Certified Security – Specialty or Microsoft Certified: Cybersecurity Architect Expert);
  Network/Data (CCSP, GIAC GDSA, CISA, CDPSE);
  Banking Specific (SWIFT Certified Expert or PCI ISA/PCIP).

• Architecture, cybersecurity, network architecture.