Senior Security Architect

We are seeking a Senior Security Architect with a strong focus on application security and proven experience in fintech or financial services environments. The ideal candidate will have at least 5 years of experience as a Security Architect and 10+ years in cybersecurity and software engineering, with hands-on involvement in secure digital payment systems, API-driven banking applications, and cloud-native fintech solutions. This role will serve as the security design authority across high-impact financial platforms, ensuring compliance with industry regulations, safeguarding sensitive data, and embedding security into every stage of the software development lifecycle (SDLC).

Key Responsibilities:

• Security Architecture & Design:

  • Define and maintain secure architecture frameworks for fintech applications, APIs, and microservices across multi-cloud environments.
  • Design security controls for real-time payment systems, open banking interfaces, and digital wallets.
  • Partner with development teams to embed security-by-design principles from inception through deployment.
  • Conduct architecture threat modeling, risk assessments, and mitigation planning.

• Application Security Leadership:

  • Lead application threat modeling, secure code reviews, and vulnerability management for core financial platforms.
  • Drive Secure SDLC adoption, integrating automated security scans (SAST, DAST, SCA, IaC) into DevSecOps pipelines.
  • Develop secure coding standards tailored to fintech risks such as transaction tampering, data leakage, and API abuse.
  • Evaluate and oversee application security tools, red-teaming activities, and third-party code reviews.

• FinTech Compliance & Governance:

  • Ensure architectures comply with financial security and privacy frameworks such as PCI DSS, ISO 27001, MAS TRM, NIST, and GDPR.
  • Collaborate with risk, compliance, and audit teams to ensure data protection, key management, and secure transaction processing.
  • Define zero-trust architecture patterns for fintech ecosystems, including identity federation, encryption at rest/in transit, and API security.

• Advisory & Continuous Improvement:

  • Advise product, infrastructure, and engineering teams on secure cloud adoption, identity governance, and encryption strategy.
  • Support incident response and post-incident remediation for application-related threats.
  • Monitor emerging fintech threats (e.g., account takeover, fraud APIs, deepfake payments) and develop proactive countermeasures.

Required Qualifications:

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field.
• 10+ years of professional experience, including 3+ years as a dedicated Security Architect.
• Proven experience designing and securing fintech platforms, digital banking apps, or payment gateway systems.
• Deep understanding of: OWASP Top 10 and API Security Top 10, secure integration with open banking APIs, tokenization, and cryptographic key management.
• CI/CD security (GitLab, Azure DevOps, Jenkins) and cloud security (AWS / Azure / GCP).
• Authentication and authorization frameworks (OAuth2, OIDC, SAML, JWT).
• Strong background in application threat modeling, secure coding, and encryption lifecycle management.

Preferred Qualifications:

• Certifications: CISSP, CSSLP, SABSA, AWS/Azure Security Specialty, OSWE/OSCP, or CISM.
• Experience designing architectures for real-time transaction monitoring, fraud detection, or KYC/AML systems.
• Familiarity with financial regulatory frameworks and data residency requirements in the GCC region.
• Strong understanding of microservices, Kubernetes, and API Gateway security.
• Experience mentoring developers and conducting fintech-specific secure design workshops.

Key Competencies: Strategic and hands-on security leader with deep fintech domain expertise. Excellent communication and stakeholder management across technology, compliance, and executive teams. Proactive, analytical thinker passionate about protecting digital trust in the financial ecosystem.