Senior Security Architect

The Senior Security Architect (SSEA) reports to the Head of Architecture but is also accountable to the Delivery Head & Lead in the business/functional domain (aka Matrix Manager) that is being served. The SSEA is expected to possess deep technical expertise, potential leadership qualities & be solution oriented.

The below competencies are specific and targeted towards Customer Facing Mobile Apps and its associated eco-system, processes, and integrated components.

Domain Competencies:

• At least 3-5 years of technology experience & working knowledge of Banking Mobile Apps, their unique security features & API integration
  

• 3-5 years’ experience in securing IOS & Android Mobile Apps and its associated ecosystem.
  

• Must understand the nitty-gritties of IOS & Android native controls as well as Third Party components that have the potential to make the mobile app more secure.
  

• Extensive knowledge and experience with designing and proposing solutions that combat Digital Fraud that typically takes place via Banking Mobile Apps
  

• Deep knowledge of how to implement key controls for Mobile Apps especially on Native Apps and APIs ( both Ingress & Egress)
  

• Deep knowledge and/or Experience with Threat Modeling Banking Mobile Apps & it’s integrated ecosystem.
  

• Deep knowledge and/or experience with prescribing balanced Security Requirements for Banking Mobile Apps & it’s integrated ecosystem.
  

• Deep understanding of global and regional regulatory requirements related to banking and financial services (e.g., PCI-DSS).
  

• Experience in implementing security solutions to ensure that Banking Mobile Apps comply with regulatory requirements and/or have minimal risks prior product releases.
  

• Knowledge of API Security Standards implementation for secure interoperability between different banking systems
  

• Deep knowledge and experience with designing & proposing People, Process & Technology controls to ensure secure build, deployment and distribution (to App Stores) of Banking Mobile Apps
  

• Ability to assess and integrate third-party technology solutions into Banking Mobile Apps from a security perspective.
  

• Understanding of Retail Banking Mobile App offerings, products, and processes
  

• Familiarity with emerging banking technologies and trends (e.g., blockchain, digital currencies, e-checks, ML)
  

• Knowledge & experience integrating industry best practice Fraud Management solutions for Banking Mobile Apps
  

Technical Competencies:

• Deep understanding of conducting Data Classification & Asset Valuation activities
  
• Knowledge of conducting Threat Modeling using frameworks of choice
  
• Deep understanding of Application Security (OWASP Top 10 or similar), API Security & Mobile Security (Mobile OWASP Top 10)
  
• Deep understanding of Infrastructure Security including but not limited to Containers, Virtual Machines, Operating Systems, Databases, and Interfaces such as payment switches, APIs, event-treaming systems, file transfer systems.
  
• Experience with end-end to security requirements and solutioning via collaboration with peer Architects, tech leads and associated stakeholders.
  
• Experience in Development of standards, patterns, and best practices for reuse. Promotion of design adherence to bank policies, standards, architectural principles, and guidelines
  
• Must be able to create security solution-oriented presentations for Senior Technical and/or Business Leaders
  
• Must be able to tailor language and communication based on the audience
  

Responsibilities:

• Conduct Data Classification, Asset Valuation, Threat Modeling, Security Requirements & Patterns within realistically agreed timelines
  
• Influence squads/teams to implement secure design to ensure risk reduction of the product prior to release & in the long run.
  
• Deliver secure solutions within realistically agreed timelines.
  
• Optimize Shift-Left processes within the team.
  
• Ensure seamless governance within realistically agreed timelines.
  
• Run education, socialization, and awareness workshops with squad/tribe members and/or peers.
  
• Do specialized technical or soft skill learning courses and/or achieve certifications.
  
• Excel at Collaboration, Ownership, Drive & Enterprising (CODE) values of Emirates NBD
  
• Coach & mentor associate architects to improve the quality of the team and the product.
  
• Introduce & implement innovative ways of working to deliver value within squads (Preferred)
  
• Engage in Stretch Assignments/Goldilocks Tasks to contribute value to the organization (Preferred)