IT Infrastructure Security Officer

Job Summary

We are seeking a Senior IT Infrastructure Security Officer to lead the strategy, architecture, and governance of our organization's end-to-end IT security landscape. This role is responsible for protecting both cloud and on-premises infrastructure, including network, endpoint, and eCommerce environments. The role will also own and drive compliance with international standards such as ISO 27001, NESA, and GDPR.

This is a high-impact leadership position requiring deep technical knowledge, sound judgment, and a proactive approach to cyber risk management and resilience.

Key Responsibilities

• Define and lead the enterprise-wide IT security roadmap, ensuring alignment with business goals and regulatory obligations.
• Develop, implement, and enforce security policies, standards, and best practices across all infrastructure domains.
• Manage the end-to-end lifecycle of ISO 27001 implementation and certification including risk treatment plans, audits, and documentation.

• Architect secure hybrid infrastructure (cloud/on-prem), ensuring scalability, high availability, and resilience.
• Supervise secure deployment and operations of servers, virtualization, storage, and backup systems.
• Implement strong Identity and Access Management (IAM) and privileged access control across all systems.

• Design and manage secure network architectures, including firewalls, IDS/IPS, VPNs, and network segmentation.
• Drive endpoint security, including EDR tools, mobile device management, and patch compliance.
• Lead eCommerce infrastructure security to protect web platforms, APIs, transactions, and payment systems against fraud and attacks.
• Collaborate with DevOps, AppSec, and development teams to integrate security into the SDLC.

• Own the security risk management lifecycle – identification, assessment, mitigation, and reporting.
• Ensure compliance with ISO 27001, NESA, GDPR, PCI-DSS, and other relevant standards.
• Lead security assessments, internal/external audits, and maintain audit readiness posture.

• Act as a trusted advisor to C-level executives on cybersecurity risks, strategy, and investments.
• Lead cross-functional teams during incident response, disaster recovery, and risk mitigation.
• Mentor junior staff, foster a culture of cybersecurity awareness across all departments.

Candidate Requirements

• Bachelor’s or Master’s degree in Information Security, Computer Science, or equivalent.
• 10+ years of relevant experience in IT infrastructure, cloud environments, and cybersecurity leadership.

• Proven experience in:
  • Cloud security (Azure, AWS)
  • eCommerce platform security
  • Network architecture & security tools
  • Endpoint protection & device compliance
• Strong command of regulatory frameworks:
  • ISO 27001, NESA, GDPR, PCI-DSS, etc.
• Familiar with DevSecOps, zero trust architecture, and security automation tools.

• CISSP – Certified Information Systems Security Professional
• CISM – Certified Information Security Manager
• ISO 27001 Lead Implementer / Auditor
• Azure / AWS Security Certifications
• CEH – Certified Ethical Hacker

• Strategic mindset with strong technical acumen
• Excellent stakeholder management and communication skills
• High integrity, proactive attitude, and problem-solving mindset
• Strong leadership with experience managing cross-functional teams

• A condensed version for a LinkedIn or job portal post
• A version aligned to internal grading/job bands
• Or interview questions to screen candidates for this role