We are hiring a Security Architect to design and govern the security architecture for a large-scale Mobility as a Service (MaaS) platform for a leading Abu Dhabi public-sector mobility initiative. You will ensure end-to-end security, cloud security (Azure preferred), and compliance with relevant UAE and international security standards for a mission-critical, high-traffic platform.
Key Responsibilities
- Define and own security architecture for the MaaS platform (mobile, APIs, backend, cloud)
- Ensure compliance with ISO 27001:2022 and UAE Information Assurance (IA) standards
- Implement IAM/RBAC, SSO, and secure authentication/authorization patterns
- Design end-to-end encryption, key management, and secure communication standards
- Ensure PCI DSS compliance for payment processing and integrations
- Lead/coordinate VAPT activities and remediation tracking
- Ensure privacy compliance practices (e.g., GDPR/CCPA principles where applicable)
- Define security monitoring, logging, SIEM integration, and incident response procedures
- Establish breach response and notification readiness (72-hour requirement)
- Work with stakeholders to meet public-sector cybersecurity and governance requirements
Requirements
- 10+ years in cybersecurity; 5+ years in security architecture
- Strong knowledge of ISO 27001, SOC 2, and security frameworks
- Cloud security experience (preferably Azure)
- Certification: CISSP / CISM (or equivalent)
- Strong experience with PCI DSS and payment security
- Deep knowledge of IAM (OAuth2/OIDC, JWT, RBAC)
- Experience securing mobile apps and API ecosystems
- Understanding of UAE cybersecurity regulations/controls
Nice to Have
- UAE/GCC public sector security experience
- CEH / penetration testing exposure
- SIEM and security monitoring tools experience
- Arabic proficiency