Product Security Architect-Gis At Equity Bank Kenya

Details of the offer

Job Purpose:
The Product Security Architect will be responsible for designing and development of security control for the business Commercial, Fintech, and digital initiatives. He/ she will work closely with the various business team to understand the product and services and further recommend security controls for inclusion. The controls should be less business disruptive, enforce cyber control, reduce fraud and is frictionless with business objective.
The Product Security Architect ensures existing and new business services and products have adequate security controls and conform to Equity Policies, procedures and standards.
Job Responsibilities/ Accountabilities:
Architecture:
Formulate security specific requirements for business services for Commercial, Fintech, and digital initiatives
Work closely with all the business teams to design and incorporate security as part of product development
Work closely with the other technology architects to ensure that security is properly embedded in their technology domains architectures
Work independently with developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks
Perform security design reviews of applications, systems, and networks
Provide remediation guidance and recommendations to developers and administrators
Define security best practices and standards, interpreter same to business and product owners
Familiarity with common vulnerabilities and attack vectors
Advise product and business owners on encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
Leading and contributing to the security posture of Equity's networks and systems, data centre infrastructures, cloud architectures and solutions
Developing and/or carrying out the strategic direction of security projects to enable execution of the information security strategy

Strategy:
Excellent understanding of customer transaction flow of commercial and Fintech services
Indepth understanding of social engineering weaknesses and countermeasures
Understand B2C, B2B and C2C business model in relation to security controls
Ability to simplify analysis and present results clearly at all levels of the business - including at senior management team level

Qualifications
Knowledge and Experience
A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study
Relevant industry certifications in information security program and governance as well as PMP will be an added advantage
Minimum of 2 years working in information security governance
Minimum of 1 year working as a business analyst in technical security and IT
Good understanding of business models and services in financial, telecom and FinTech domain
Good understand of customer, merchant integration model
An excellent team member who is analytical, logical and able to work with other Product team which are dedicated to making Equity products and technologies as secure as possible
Experience with creating technical documentation: product documentation, technology, software and systems architecture, and technical whitepapers
Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (E.G. Agile), API Gateways, Data Analytics
Strong cross-domain and cross-functional knowledge that will enable design of the best possible security technology solutions
Has good understanding of the SSDLC process and follows the process to effectively develop and design solutions
Ability to function as an individual contributor and mentor/leader detached from the corporate environment
Good understanding of Open Application Programming Interface business model
Good understanding ISO27001 and PCI-DSS certification
Experience of identifying and managing technology security risk
Up-to-date knowledge of future IP and network security technologies, equipment and their benefits
Widespread knowledge of different IP and network security vendors and solutions, and managed

Key Critical Competencies
Ability to know when to implement solutions with consideration to the wider impacts i.e. risk, cost, customer impact, timescales, etc.
Excellent negotiation, and written and verbal presentation skills
Ability to handle high pressure situations with key stakeholders
Good Analytical skills, Problem solving and Interpersonal skills
Deep knowledge of enterprise application development security controls
Some knowledge of Telco convergence, FinTech network traffic consumption

Role Complexity:
Document security control for each business service delivery
Understand each business function – Commercial, FinTech and digital initiatives

Budgets/ Financial Input
Provide knowledge business services and product to the security team
Consolidate and translate business security needs into finical measurable matrix


Nominal Salary: To be agreed

Source: Myjobmag_Co

Requirements

Backend Developer At Tech Care For All Africa (Tc4A)

About the Role We are seeking a Backend Developer to support product development. Your primary focus will be developing all server-side logic, ensuring high ...


From Tech Care For All Africa (Tc4A) - Nairobi Area

Published a month ago

Flutter Engineer Intern At Interintel Technologies Limited

JOB BRIEF We're seeking Flutter engineering interns who are fast learners and problem solvers! These internships may lead to full-time roles. You'll gain exp...


From Interintel Technologies Limited - Nairobi Area

Published a month ago

Human Resource Assistant At Interintel Technologies Limited

QUALIFICATIONS Bachelor's Degree in Human Resource Management or closely related discipline, from an accredited institution. 1-2 years of relevant in Human R...


From Interintel Technologies Limited - Nairobi Area

Published a month ago

Head Of Ict Operations At Hf Group

Principle Accountabilities Oversee day-to-day management of various ICT systems and solutions such as Telecommunication and Computing infrastructure, databas...


From Hf Group - Nairobi Area

Published a month ago

Built at: 2024-11-07T09:56:08.435Z