Solution Architect / Cybersecurity Architect

SWATX

Key Responsibilities

1. Cybersecurity Architecture & Solution Design

1. Lead the design of enterprise cybersecurity architectures, covering cloud, network, identity, data, endpoint, and application security domains.

2. Develop HLDs/LLDs, architecture diagrams, reference models, and security patterns.

3. Assess existing customer environments and build target-state architectures aligned with business/security objectives.

4. Define Zero Trust architecture blueprints, identity models, segmentation strategies, and detection structures.

2. Presales, RFP, and Proposal Support

5. Support presales teams in opportunity qualification, customer workshops, and technical discovery.

6. Lead the creation of technical proposals, RFP responses, SoWs, BOMs, and solution write-ups.

7. Provide solution presentations, demonstrations, and technical clarifications to stakeholders.

3. Delivery & Implementation Oversight

8. Guide delivery teams (engineering/consulting) in implementing designed architectures.

9. Participate in complex solution deployments to ensure alignment with architectural principles.

10. Conduct architecture reviews, gap analysis, and compliance assessments.

4. Customer Engagement & Advisory

11. Act as a trusted advisor to CISO, IT security leaders, and enterprise architecture teams.

12. Support cybersecurity strategy development, roadmap creation, and maturity improvement initiatives.

13. Provide technical leadership during critical incidents or escalations.

5. Governance, Compliance & Risk

14. Ensure architectures align with KSA regulatory frameworks:

NCA ECC/CCC

SAMA CSF

CST Cybersecurity Framework

15. Map architectures to industry standards such as NIST CSF, ISO 27001, CIS Controls, and cloud best practices.

Mandatory Technical Expertise

Candidates must have broad and deep expertise in at least 4 5 of the areas below:

Microsoft Security Architecture (Mandatory)

Microsoft Sentinel

Microsoft Defender XDR (Endpoint, Identity, Cloud, Office 365)

Microsoft Entra ID (PIM, Conditional Access, Identity Protection)

Microsoft Purview (Data Security & Compliance)

Azure Security Architecture

Azure Landing Zones, Policies, RBAC, and secure cloud governance

Identity & Access Management (IAM / IGA / PAM)

OKTA

SailPoint

BeyondTrust

IBM Security Verify

Network & Infrastructure Security

Palo Alto Networks

Fortinet

Cisco Security

Segmentation, micro-segmentation, Zero Trust architectures

SOC & Threat Detection

SIEM/XDR design

Use case development

Threat hunting frameworks

SOAR playbooks

Cloud Security

Azure (mandatory)

AWS or GCP (optional but preferred)

Cloud-native architecture and security tooling

Data, Application & DevSecOps

Secure SDLC

API security

CI/CD pipeline security

Container/Kubernetes security (AKS, EKS)