Senior Security Architect
Senior Security Architect
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
The unit (aka Chapter) is responsible for building implementing and enforcing common structures and guidelines for enterprise architecture and solutions practices standards emerged patterns and technologies to enable world-class solutions delivery and build resilient agile and secured architecture landscape aligned with the business strategy.
Achieve a high level of performance and quality in delivering architecture solutions that provide exceptional business value to internal users and customers as well as ensuring common architectural standards across the Group. The chapter maintains all architectural blueprints and architects working in agile platform Infrastructure & data teams across Group IT
The Senior Security Architect (SSEA) reports to the Head of Architecture but is also accountable to the Delivery Head & Lead in the business/functional domain (aka Matrix Manager) that is being served. The SSEA is expected to possess deep technical expertise potential leadership qualities & be solution oriented.
The below competencies are specific and targeted towards Customer Facing Mobile Apps and its associated eco-system processes and integrated components.
1. Domain Competencies
At least 3-5 years of technology experience & working knowledge of Banking Mobile Apps their unique security features & API integration
3-5 years experience in securing IOS & Android Mobile Apps and its associated ecosystem. Must understand the nitty-gritties of IOS & Android native controls as well as Third Party components that have the potential to make the mobile app more secure.
Extensive knowledge and experience with designing and proposing solutions that combat Digital Fraud that typically takes place via Banking Mobile Apps
Deep knowledge of how to implement key controls for Mobile Apps especially on Native Apps and APIs (both Ingress & Egress)
Deep knowledge and/or Experience with Threat Modeling Banking Mobile Apps & it s integrated ecosystem.
Deep knowledge and/or experience with prescribing balanced Security Requirements for Banking Mobile Apps & it s integrated ecosystem.
Deep understanding of global and regional regulatory requirements related to banking and financial services (e.g. PCI-DSS).
Experience in implementing security solutions to ensure that Banking Mobile Apps comply with regulatory requirements and/or have minimal risks prior product releases.
Knowledge of API Security Standards implementation for secure interoperability between different banking systems
Deep knowledge and experience with designing & proposing People Process & Technology controls to ensure secure build deployment and distribution (to App Stores) of Banking Mobile Apps.
Ability to assess and integrate third-party technology solutions into Banking Mobile Apps from a security perspective.
Understanding of Retail Banking Mobile App offerings products and processes
Familiarity with emerging banking technologies and trends (e.g. blockchain digital currencies e-checks ML)
Knowledge & experience integrating industry best practice Fraud Management solutions for Banking Mobile Apps.
2. Technical Competencies
Deep understanding of conducting Data Classification & Asset Valuation activities
Knowledge of conducting Threat Modeling using frameworks of choice
Deep understanding of Application Security (OWASP Top 10 or similar) API Security & Mobile Security (Mobile OWASP Top 10)
Deep understanding of Infrastructure Security including but not limited to Containers Virtual Machines Operating Systems Databases and Interfaces such as payment switches APIs event-streaming systems file transfer systems.
Experience with end-end to security requirements and solutioning via collaboration with peer architects tech leads and associated stakeholders.
Experience in Development of standards patterns and best practices for reuse. Promotion of design adherence to bank policies standards architectural principles and guidelines
Must be able to create security solution-oriented presentations for Senior Technical and/or Business Leaders
Must be able to tailor language and communication based on the audience
3. Behavioural Competencies:
Delivery focused while ensuring the right balance of Customer Experience Business Requirements Performance Reliability & Security
High energy enthusiasm & passion
Excellent analytical & critical thinking skills.
Excellent stakeholder time management & expectation management skills
Autonomous decision-making ability with minimal guidance
High learning potential
Ability to coach & mentor associate/junior architects.
Requirements
Core Objectives & Key Results (OKRs):
Conduct Data Classification Asset Valuation Threat Modelling Security Requirements & Patterns within realistically agreed timelines
Influence squads/teams to implement secure design to ensure risk reduction of the product before release & in the long run.
Deliver secure solutions within realistically agreed timelines.
Optimize Shift-Left processes within the team.
Ensure seamless governance within realistically agreed timelines.
Run education socialisation and awareness workshops with squad/tribe members and/or peers.
Do specialized technical or soft skill learning courses and/or achieve certifications.
Excel at Collaboration Ownership Drive & Enterprising (CODE) values
Coach & mentor associate architects to improve the quality of the team and the product.
Introduce & implement innovative ways of working to deliver value within squads.
Engage in Stretch Assignments/Goldilocks Tasks to contribute value to the organization
Saas
Employment Type
Full Time
