Product Security Architect-GIS at Equity Bank Kenya
Equity Bank
- Kenya
- Permanent
- Full-time
- Formulate security specific requirements for business services for Commercial, Fintech, and digital initiatives
- Work closely with all the business teams to design and incorporate security as part of product development
- Work closely with the other technology architects to ensure that security is properly embedded in their technology domains architectures
- Work independently with developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks
- Perform security design reviews of applications, systems, and networks
- Provide remediation guidance and recommendations to developers and administrators
- Define security best practices and standards, interpreter same to business and product owners
- Familiarity with common vulnerabilities and attack vectors
- Advise product and business owners on encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
- Leading and contributing to the security posture of Equity's networks and systems, data centre infrastructures, cloud architectures and solutions
- Developing and/or carrying out the strategic direction of security projects to enable execution of the information security strategy
- Excellent understanding of customer transaction flow of commercial and Fintech services
- Indepth understanding of social engineering weaknesses and countermeasures
- Understand B2C, B2B and C2C business model in relation to security controls
- Ability to simplify analysis and present results clearly at all levels of the business – including at senior management team level
- A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study
- Relevant industry certifications in information security program and governance as well as PMP will be an added advantage
- Minimum of 2 years working in information security governance
- Minimum of 1 year working as a business analyst in technical security and IT
- Good understanding of business models and services in financial, telecom and FinTech domain
- Good understand of customer, merchant integration model
- An excellent team member who is analytical, logical and able to work with other Product team which are dedicated to making Equity products and technologies as secure as possible
- Experience with creating technical documentation: product documentation, technology, software and systems architecture, and technical whitepapers
- Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (E.G. Agile), API Gateways, Data Analytics
- Strong cross-domain and cross-functional knowledge that will enable design of the best possible security technology solutions
- Has good understanding of the SSDLC process and follows the process to effectively develop and design solutions
- Ability to function as an individual contributor and mentor/leader detached from the corporate environment
- Good understanding of Open Application Programming Interface business model
- Good understanding ISO27001 and PCI-DSS certification
- Experience of identifying and managing technology security risk
- Up-to-date knowledge of future IP and network security technologies, equipment and their benefits
- Widespread knowledge of different IP and network security vendors and solutions, and managed
- Ability to know when to implement solutions with consideration to the wider impacts i.e. risk, cost, customer impact, timescales, etc.
- Excellent negotiation, and written and verbal presentation skills
- Ability to handle high pressure situations with key stakeholders
- Good Analytical skills, Problem solving and Interpersonal skills
- Deep knowledge of enterprise application development security controls
- Some knowledge of Telco convergence, FinTech network traffic consumption
- Document security control for each business service delivery
- Understand each business function - Commercial, FinTech and digital initiatives
- Provide knowledge business services and product to the security team
- Consolidate and translate business security needs into finical measurable matrix
Jobs in Kenya