IT Infrastructure Security Officer
Job Description
Job Summary: We are looking for a highly experienced and strategic Senior IT Infrastructure Security Officer to lead the security architecture and governance of our entire IT landscape.This includes cloud and on-premises infrastructure, network and endpoint security, and eCommerce infrastructure. The role also owns compliance with ISO 27000 and other regulatory frameworks.
The ideal candidate will bring deep technical expertise, leadership acumen, and a proactive approach to risk management and cyber resilience.
Job Description: Security Strategy & Governance
Define and execute the enterprise-wide IT security roadmap aligned with business and regulatory requirements.Establish and enforce security policies, standards, and frameworks across all infrastructure layers.
Lead the organizations ISO 27000 compliance program, including audits, documentation, and remediation.
Infrastructure Security Oversight
Architect and secure hybrid infrastructure (cloud and on-prem) with a focus on scalability, availability, and resilience.Oversee secure deployment and lifecycle management of servers, storage, virtualization, and backup systems.
Ensure robust identity and access management (IAM) across all platforms.
Network, Endpoint & eCommerce SecurityDesign and manage secure network topologies, including firewalls, IDS/IPS, VPNs, and segmentation.
Lead endpoint protection strategies including EDR, patch management, and device compliance.
Own the security of the eCommerce infrastructure, ensuring platform integrity, secure payment processing, and protection against fraud and cyberattacks.
Collaborate with DevOps and application teams to embed security into the eCommerce development lifecycle.
Risk & Compliance ManagementOwn the risk management lifecycle: identification, assessment, mitigation, and reporting.
Ensure compliance with ISO 27001, NESA, GDPR, and other applicable standards.Maintain audit readiness and lead internal/external security assessments.
Leadership & CollaborationServe as a trusted advisor to executive leadership on cybersecurity risks and investments.
Lead cross-functional teams in security initiatives and incident response.
Mentor junior security and infrastructure staff, fostering a culture of security awareness.
Requirements- Bachelors or Masters degree in Information Security, Computer Science, or related field.
- 10+ years of experience in IT infrastructure and cybersecurity.
- Proven expertise in cloud security (Azure/AWS), network security, eCommerce platform security, and ISO 27000.
- Strong knowledge of regulatory frameworks and risk management methodologies.
Preferred certifications: CISSP, CISM, ISO 27001 Lead Implementer/Auditor, Azure/AWS Security, CEH