Security Architect

Momentum • Full-time • أبو ظبي, AE • 1w ago

Company Description

Momentum Corporate Services is a leading entertainment group based in Abu Dhabi, United Arab Emirates. Our portfolio includes mobile game development and publishing, virtual reality experiences, iGaming, esports management, and content platform services. We are dedicated to creating immersive and personalized entertainment experiences that push the boundaries of innovation in the industry.

For more information about Momentum Group, please visit our website at www.mgh.ae

Role

Azure Cloud Security Architecture

Develop & implements a comprehensive security architecture for the Azure cloud environment and DR capability, ensuring alignment with best practices and regulatory requirements
Defines and supports the implementation of security controls across each of the Azure services, e.g., networking, storage, computer and identity services

Azure AD Access Controls

Supports the design and configuration of Azure AD to manage user identities, roles and access controls across the Azure environment
Supports the configuration of identity management solutions e.g. SSO, MFA and conditional access in Azure AD to enhance secure authentication and authorization

Network Security Controls

Designs and supports the management of a secure network architecture in Azure including Virtual network configurations, network security groups, and firewall settings to protect cloud resources.
Works with the Technical Operations team to support configuration of Azure firewalls, and the Web Application Firewall (WAF) to secure access to cloud resources ensuring perimeter protection against external threat

Data security

Ensures that technical & policy level controls required to protect sensitive data are implemented e.g. data classifications, encryption at rest/transit, access controls for databases and other data resources in Azure
Ensure that crypto key management solutions for keys, secrets and certificates are implemented effectively, controlling access to sensitive data.

Monitoring & Incident Response

Works with the Security Operations Centre to ensure monitoring tools are configured correctly providing continuous and real time visibility into the security posture of Azure resources and other critical components with the infrastructure

Security Assessments, Compliance & Risk Management

Conducts periodic risk assessments of the Azure cloud infrastructure and other critical systems to identify vulnerabilities, optimization opportunities and recommends remediation steps to address any gaps
Works with Technical Operations and other stakeholders to ensure that the Azure cloud environment is designed and configured in line with relevant regulatory standards e.g. ISO27001, PCI DSS, GLI Technical Standards etc.
As required, internal/external audits with the necessary documentation & evidence to demonstrate implementation of security controls within the Azure cloud environment

Secure software development & DevOps

Defines the framework for secure software development within the organization, working with Development & Technical Operations to integrate security into CI/CD pipelines, and ensuring secure deployment of applications in Azure
Provides ongoing support, guidance on secure coding and configuration practices ensuring the build and deployment of secure and resilient applications.

Zero Trust Security Principles

Works to develop a zero-trust security model for the Azure cloud infrastructure, enforcing continuous authentication, micro segmentation and lest privileged access across cloud resources
Ensures security is maintained across all layers of the cloud environment including identity, network, applications and data.

Security Policies & Standards

Supports the development and implementation of security policies, standards and procedures for Azure cloud services, ensuring consistency in the operation of technical controls
Provides ongoing support, guidance and training to technical stakeholders in Azure cloud security best practices.

Secure 3rd party integrations

Assesses and supports configuration of secure integrations with 3rd party applications, ensuring external connections adhere to security standards to protect sensitive data
Works with the SOC to regularly monitor 3rd party access to the infrastructure, implementing access controls and protective measures where necessary

Skills Required

Cloud security: expert in designing secure cloud infrastructures, with strong security controls for public, private and hybrid cloud environments. Demonstratable knowledge of cloud security frameworks and ensuring compliance with industry standards
Network & infrasec: Strong understanding of secure network design & segmentation, inc firewalls, VPS, IDS/IPS, web application firewalls. Experienced in systems hardening for applications, databases and network components
Identity & Access: Proficient in designing & managing secure IAM systems with RBAC, MFA and privileged access mgmt.
Encryption & data protection: Experience of utilising encryption technologies and key mgmt. solutions with Cloud environments, in addition to implementing DLP solutions to protect sensitive data.
Disaster recovery planning: Experience in supporting the design and implementation of DR solutions to ensure the availability of critical systems and data in case of failure or outage.
Tools & technologies: Proven experience of cloud security tools e.g. Azure security centre and other vulnerability management tools used for managing security patches and updates across the infrastructure

Experience

5-10 years’ experience in information security or cloud-based IT infrastructure
Proven experience in information security, IT infrastructure, or cloud architecture roles with a focus on securing cloud environments, ideally Azure
Demonstrated ability to design, implement, and manage secure infrastructures, including identity and access management, network security, and data protection
Extensive hands-on experience with Azure security features, including Azure Active Directory (Azure AD), Azure Security Center, Azure Key Vault, Azure Firewall, Network Security Groups (NSGs), and Virtual Network (VNet) configurations to secure cloud environments
Experience designing access controls using Azure AD, managing conditional access policies, and enforcing least privilege access across cloud resources.
Proven experience in leading or managing projects focused on security architecture or cloud security deployments
Skilled in conducting risk assessments of cloud architectures, identifying vulnerabilities, and implementing remediation strategies within Azure environments.
Proven track record of collaborating with IT, DevOps, application development, and security teams to embed security controls within cloud environments.
Ability to act as a trusted advisor to other departments on Azure security and compliance best practices.
Detail-oriented approach to designing and implementing security controls, ensuring configurations meet exact security specifications without compromising access or usability
Ability to align security architecture with business objectives, balancing security requirements with operational efficiency and cost-effectiveness.

Qualifications

Bachelor’s or master’s degree in information technology, Computer Science or Cyber Security related field
Microsoft Certified: Azure Security Engineer Associate
Microsoft Certified: Azure Solutions Architect Expert
Microsoft Certified: Identity and Access Administrator Associate
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Microsoft Certified: Cybersecurity Architect Expert
Certified Information Security Manager (CISM)
CompTIA Cloud+
Azure Administrator Associate (AZ-104)
Certified Ethical Hacker (CEH)

One or many of these qualifications are preferred

Offer