Enterprise Security Architect - UAE

About This Role

Role Description

DUOARCH clients are undergoing significant digital transformation, modernising their technology estates across cloud, data, AI, and digital service platforms. As organisations accelerate innovation, cybersecurity has become one of the most critical enterprise priorities—requiring security architecture that is proactive, scalable, and embedded by design.

We are seeking exceptional Enterprise Security Architects to play a central role in shaping, governing, and assuring the security posture of complex enterprises across sectors such as financial services, government, logistics, real estate, hospitality, and investment management .

This is a senior architecture leadership role for individuals who can operate at both strategic and delivery levels, defining enterprise security frameworks, ensuring regulatory compliance, and embedding modern security patterns across business-critical programmes. The successful candidate will be responsible for enabling secure digital experiences, protecting enterprise assets, and ensuring AI-driven transformation is built on trusted and resilient foundations.

Key Responsibilities Enterprise Security Strategy & Architecture

• Develop and evolve the organisation’s enterprise security architecture, ensuring alignment with corporate strategy, risk appetite, and transformation roadmaps.
• Define target-state security architectures that support digital modernisation, multi-cloud adoption, and AI-enabled capability development.
• Establish security as a strategic enabler—balancing control, agility, and innovation at enterprise scale.
• Own and maintain enterprise security reference architectures, patterns, and standards across technology portfolios.
• Drive measurable risk reduction and demonstrate clear ROI through architecture-led security improvements.

Security Governance, Risk & Compliance

• Lead security governance across the enterprise, ensuring adherence to internal policies and international best practices (e.g. ISO 27001, NIST, CIS).
• Partner with risk and compliance teams to ensure alignment with regulatory frameworks and sector-specific requirements.
• Ensure compliance with local and global obligations, including data privacy, audit controls, and cyber resilience mandates.
• Contribute to Architecture Review Boards (ARB) and security assurance forums, ensuring rigorous design approvals and architectural integrity.

Cloud & Infrastructure Security Architecture

• Define secure cloud architectures across Azure, AWS, and GCP , including landing zones, shared service models, and cloud-native controls.
• Establish scalable security foundations for multi-cloud environments, including:
• Identity-first security
• Network segmentation and micro-perimeters
• Cloud security posture management (CSPM)
• Secure workload and container architectures
• Embed resilience engineering, disaster recovery, and secure infrastructure automation practices.

Identity, Access & Zero Trust Architecture

• Architect enterprise-wide Identity and Access Management (IAM) strategies supporting modern workforce and customer needs.
• Implement Zero Trust security principles, including:
• Continuous authentication
• Least privilege enforcement
• Privileged access management (PAM)
• Conditional access policies
• Ensure consistent identity governance across enterprise platforms and third-party ecosystems.

Data Security & Privacy Architecture

• Define enterprise controls for data confidentiality, integrity, and availability across modern data platforms.
• Partner with data governance teams to establish secure-by-design approaches for:
• Data classification and protection
• Encryption and key management
• Data loss prevention (DLP)
• Secure data sharing and access governance
• Ensure AI and analytics platforms are deployed with trusted data security foundations.

Application & Platform Security Architecture

• Provide security architecture leadership across application modernisation programmes, including digital platforms, ERP estates, and customer-facing services.
• Define secure software architecture patterns and DevSecOps controls, including:
• Secure SDLC practices
• CI/CD security automation
• Threat modelling and security-by-design assurance
• API security and service-to-service trust models
• Ensure enterprise platforms are hardened, monitored, and resilient against evolving threats.

Security Architecture for AI & Emerging Technology

• Shape security architecture for AI-enabled transformation, including:
• Model governance and lifecycle controls
• Secure ML pipelines and training environments
• Responsible AI risk frameworks
• Protection against adversarial AI threats
• Define security strategies for emerging enterprise technologies such as IoT, smart operations, and automation platforms.

Threat Modelling, Resilience & Incident Preparedness

• Conduct architecture-level threat modelling across critical systems and transformation programmes.
• Ensure enterprise readiness for cyber incidents through:
• Security monitoring architectures
• SOC integration patterns
• Incident response alignment
• Business continuity and recovery frameworks
• Drive security resilience as a core pillar of enterprise operating capability.

Stakeholder Engagement & Trusted Advisory

• Engage senior executives, CIOs, CISOs, and programme leaders as a trusted security advisor.
• Translate complex security risks into clear business-level decisions and actionable roadmaps.
• Provide leadership across technical and non-technical stakeholders to embed a security-first culture.

Leadership & Capability Development

• Mentor and guide security architects, engineers, and technology leaders across the enterprise.
• Build security architecture maturity through repeatable frameworks, capability uplift, and governance discipline.
• Champion a culture of evidence-based decision-making and security embedded into delivery, not bolted on.

Qualifications

• Degree in Cybersecurity, Computer Science, Engineering, Information Systems, or related discipline.

Preferred Certifications include:

• CISSP, CISM, or CCSP
• SABSA or TOGAF (Security Architecture specialism)
• Cloud Security Certifications (Azure Security Engineer, AWS Security Specialty, GCP Security)
• ISO27001 Lead Implementer/Auditor

Your Next Defining Security Leadership Role

If you are in the UAE and hold a Golden Visa ready to shape enterprise-scale cyber resilience, secure AI-driven transformation, and build modern security foundations for some of the region’s most ambitious organisations.

DUOARCH offers a unique opportunity to operate at the forefront of enterprise security strategy and architecture.

Apply now to understand what the next step in your security architecture journey.