Drive Excellence in Technology Innovation in Africa
The Security Product Architect will be responsible for designing and developing security control for the business Commercial, Fintech, and digital initiatives. He/ she will work closely with the various business team to understand the product and services and further recommend security controls for inclusion. The controls should be less business disruptive, enforce cyber control, reduce fraud and is frictionless with business objective.
The Security Product Architect ensures existing and new business services and products have adequate security controls and conform to Equity Policies, procedures and standards.
- Formulate security-specific requirements for business services for Commercial, Fintech, and digital initiatives.
- Work closely with all the business teams to design and incorporate security as part of product development.
- Work closely with the other technology architects to ensure that security is properly embedded in their technology domain architectures.
- Work independently with developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks.
- Perform security design reviews of applications, systems, and networks.
- Provide remediation guidance and recommendations to developers and administrators.
- Define security best practices and standards, and interpret the same to business and product owners.
- Familiarity with common vulnerabilities and attack vectors.
- Advise product and business owners on encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAuth, SAML, RADIUS, LDAP, KERBEROS, etc.)
- Leading and contributing to the security posture of Equity’s networks and systems, data centre infrastructures, cloud architectures and solutions.
- Developing and/or carrying out the strategic direction of security projects to enable the execution of the information security strategy,
- Excellent understanding of customer transaction flow of commercial and Fintech services.
- Deep understanding of social engineering weaknesses and countermeasures.
- Understand B2C, B2B and C2C business models in relation to security controls.
- Ability to simplify analysis and present results clearly at all levels of the business – including at the senior management team level.
Knowledge & Competencies
- Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or a similar area of study.
- Relevant industry certifications in information security programs and governance as well as PMP will be an added advantage.
- Minimum of 2 years working in information security governance.
- Minimum of 1 year working as a business analyst in technical security and IT.
- Good understanding of business models and services in financial, telecom and FinTech domain.
- Good understanding of the customer, and merchant integration models.
- An excellent team member who is analytical, logical and able to work with other Product Security Architecture team that is dedicated to making Equity products and technologies as secure as possible.
- Experience with creating technical documentation: product documentation, technology, software and systems architecture, and technical whitepapers.
- Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (E.G. Agile), API Gateways, and Data Analytics.
- Strong cross-domain and cross-functional knowledge that will enable the design of the best possible security technology solutions.
- Has a good understanding of the SSDLC process and follows the process to effectively develop and design solutions.
- Ability to function as an individual contributor and mentor/leader detached from the corporate environment.
- Good understanding of the Open Application Programming Interface business model.
- Good understanding of ISO27001 and PCI-DSS certification.
- Experience in identifying and managing technology security risks.
- Up-to-date knowledge of future IP and network security technologies, equipment and their benefits.
- Widespread knowledge of different IP and network security vendors and solutions and managed.
Key Critical Competencies
- Ability to know when to implement solutions with consideration to the wider impacts i.e., risk, cost, customer impact, timescales, etc.
- Excellent negotiation and written and verbal presentation skills.
- Ability to handle high-pressure situations with key stakeholders.
- Good Analytical skills, Problem-solving and Interpersonal skills.
- Deep knowledge of enterprise application development security controls.
- Some knowledge of Telco convergence, and FinTech network traffic consumption.
Are you looking to sharpen your Software Development skills to stay relevant in the market? CLICK HERE to have a look at the top schools.
For all your IT certification needs, please, click here for information on how to get started