The Product Security Architect will be responsible for designing and development of security control for the business Commercial, Fintech, and digital initiatives. He/ she will work closely with the various business team to understand the product and services and further recommend security controls for inclusion. The controls should be less business disruptive, enforce cyber control, reduce fraud and is frictionless with business objective.
The Product Security Architect ensures existing and new business services and products have adequate security controls and conform to Equity Policies, procedures and standards.
Qualifications
Knowledge and Experience
- A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study
- Relevant industry certifications in information security program and governance as well as PMP will be an added advantage
- Minimum of 2 years working in information security governance
- Minimum of 1 year working as a business analyst in technical security and IT
- Good understanding of business models and services in financial, telecom and FinTech domain
- Good understand of customer, merchant integration model
- An excellent team member who is analytical, logical and able to work with other Product team which are dedicated to making Equity products and technologies as secure as possible
- Experience with creating technical documentation: product documentation, technology, software and systems architecture, and technical whitepapers
- Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (E.G. Agile), API Gateways, Data Analytics
- Strong cross-domain and cross-functional knowledge that will enable design of the best possible security technology solutions
- Has good understanding of the SSDLC process and follows the process to effectively develop and design solutions
- Ability to function as an individual contributor and mentor/leader detached from the corporate environment
- Good understanding of Open Application Programming Interface business model
- Good understanding ISO27001 and PCI-DSS certification
- Experience of identifying and managing technology security risk
- Up-to-date knowledge of future IP and network security technologies, equipment and their benefits
- Widespread knowledge of different IP and network security vendors and solutions, and managed
Key Critical Competencies
- Ability to know when to implement solutions with consideration to the wider impacts i.e. risk, cost, customer impact, timescales, etc.
- Excellent negotiation, and written and verbal presentation skills
- Ability to handle high pressure situations with key stakeholders
- Good Analytical skills, Problem solving and Interpersonal skills
- Deep knowledge of enterprise application development security controls
- Some knowledge of Telco convergence, FinTech network traffic consumption
Role Complexity:
- Document security control for each business service delivery
- Understand each business function – Commercial, FinTech and digital initiatives
Budgets/ Financial Input
- Provide knowledge business services and product to the security team
- Consolidate and translate business security needs into finical measurable matrix
