
Bank ABC
Senior Security Architect
- Permanent
- Manama, Bahrain
- Experience 5 - 10 yrs
Job expiry date: 01/01/2026
Job overview
Date posted: 17/11/2025
Location: Manama, Bahrain
Salary: Undisclosed
Compensation: Comprehensive package
Experience: 5 - 10 yrs
Seniority: Senior & Lead
Qualification: Bachelor's degree
Expiration date: 01/01/2026
Job description
The Senior Security Architect for Bank ABC in Bahrain plays a pivotal role in designing, implementing, and maintaining advanced IT security architectures across the organization, covering on-premise and cloud environments. This role is responsible for developing enterprise-wide security frameworks aligned with global standards such as SABSA, TOGAF, NIST, CSA, and ISO 27001, while addressing threats, vulnerabilities, and compliance obligations in financial services. The architect will plan, research, and design robust cybersecurity architectures, integrating security into all new and existing systems. The position includes ownership of multiple security technologies (such as Microsoft Purview, Azure, AWS, Office 365, HSM, Bluecoat proxy, and Microsoft AIP) and the development of corresponding processes for configuration, monitoring, and lifecycle management. The role requires expert knowledge in cryptographic practices, PKI infrastructure, IAM protocols, DLP, CASB, and hybrid cloud security, with the ability to collaborate across DevOps, Cloud, and IT functions to embed security into CI/CD pipelines. The Senior Security Architect will perform risk assessments, threat modelling (using STRIDE, DREAD, and MITRE ATT&CK), and lead governance activities to ensure continuous improvement in compliance with regulatory standards such as CBB, GDPR, ISO 27001, and PCI-DSS. Additionally, this position includes incident management support, architecture documentation, and development of architecture building blocks (ABBs/SBBs) to ensure consistent design and control maturity. Candidates must have strong communication skills to translate complex technical risks into business terms, coupled with hands-on experience in securing cloud environments, managing encryption technologies, and ensuring alignment between security controls and enterprise objectives.
Required skills
Key responsibilities
- Plan, research, and design enterprise-wide security architectures in alignment with frameworks such as SABSA, TOGAF, NIST, and ISO 27001
- Develop threat use cases and scenarios to identify and mitigate vulnerabilities across IT and business systems
- Prepare cost estimates and address integration issues in proposed architectures
- Develop and maintain security reference architectures and technology roadmaps
- Collaborate with DevOps, Cloud, and IT teams to embed security into CI/CD and infrastructure (DevSecOps)
- Design high-level and low-level security architecture for systems and applications, ensuring secure configurations and interoperability
- Implement and manage PKI infrastructures, certification authorities, and encryption technologies
- Coordinate the installation, configuration, and automation of security solutions across hybrid and multi-cloud environments
- Conduct threat modelling, security architecture reviews, and risk assessments to identify design gaps and compliance issues
- Define, implement, and maintain corporate security policies, procedures, and governance frameworks
- Monitor remediation activities and ensure timely closure of identified vulnerabilities or compliance gaps
- Develop and maintain architecture documentation, including baseline and target states, standard operating procedures, and reports
- Serve as Product Owner for key security solutions including Microsoft Purview, Azure, AWS Security Stack, HSM, AIP, and Bluecoat Proxy
- Oversee configuration management, issue resolution, and process documentation for assigned security tools
- Lead design and implementation of cryptographic solutions for systems, databases, and cloud environments
- Ensure compliance with internal and external standards (ISO 27001, PCI-DSS, GDPR, SOC2) and regulatory requirements (CBB)
- Support incident response teams with architectural insights and root cause analysis during security events
- Train and mentor team members in emerging technologies and security practices
- Engage with vendors, third parties, and internal stakeholders to sustain effective and compliant security controls
Experience & skills
- University degree in IT, Computer Science, or Cyber Security-related field
- Minimum 8 years of professional experience in information security, including 3+ years hands-on with cloud service providers (Azure, AWS, Office 365)
- Recognized certifications such as CISSP, CISM, EC-Council, SANS, or cloud-specific certifications (AWS Certified Security, Azure Security Engineer)
- Proficiency in designing and implementing cryptographic solutions, PKI infrastructure, and encryption technologies
- Strong understanding of security frameworks including ISO 27001, NIST CSF, and CIS Top 20
- Experience in securing hybrid and multi-cloud environments and integrating security controls into DevOps pipelines
- Expert knowledge of IAM, MFA, OAuth, SAML, and OpenID Connect protocols
- Experience in threat modelling methodologies such as STRIDE, DREAD, and MITRE ATT&CK
- Proven ability to develop and manage architecture building blocks (ABBs/SBBs) and security design patterns
- Knowledge of network, application, and data security best practices including CASB, HSM, DLP, and web proxies
- Experience in regulatory compliance and governance for financial institutions (CBB, GDPR, PCI-DSS, SOC2)
- Excellent communication, stakeholder management, and presentation skills
- Strong analytical and problem-solving abilities with hands-on technical expertise
- Fluent in English with the ability to articulate complex security risks in business-friendly terms
- Ability to work independently with minimal supervision and manage multiple concurrent projects