Sr. Security Architect

The Senior Security Architect (SSEA) is also accountable to the Delivery Head & Lead in the business/functional domain (aka Matrix Manager) that is being served. The SSEA is expected to possess deep technical expertise, potential leadership qualities & be solution oriented.

The below competencies are specific and targeted towards Customer Facing Mobile Apps and its associated eco-system, processes, and integrated components.

Domain Competencies:

• At least 7 years of technology experience & working knowledge of Banking Mobile Apps, their unique security features & API integration.
• 7 years’ experience in securing IOS & Android Mobile Apps and its associated ecosystem. Must understand the nitty-gritties of IOS & Android native controls as well as Third Party components that have the potential to make the mobile app more secure.
• Extensive knowledge and experience with designing and proposing solutions that combat Digital Fraud that typically takes place via Banking Mobile Apps
• Deep knowledge of how to implement key controls for Mobile Apps especially on Native Apps and APIs (both Ingress & Egress)
• Deep knowledge and/or Experience with Threat Modeling Banking Mobile Apps & it’s integrated ecosystem.
• Deep knowledge and/or experience with prescribing balanced Security Requirements for Banking Mobile Apps & it’s integrated ecosystem.
• Deep understanding of global and regional regulatory requirements related to banking and financial services (e.g., PCI-DSS).
• Experience in implementing security solutions to ensure that Banking Mobile Apps comply with regulatory requirements and/or have minimal risks prior product releases.
• Knowledge of API Security Standards implementation for secure interoperability between different banking systems
• Deep knowledge and experience with designing & proposing People, Process & Technology controls to ensure secure build, deployment and distribution (to App Stores) of Banking Mobile Apps
• Ability to assess and integrate third-party technology solutions into Banking Mobile Apps from a security perspective.
• Understanding of Retail Banking Mobile App offerings, products, and processes
• Familiarity with emerging banking technologies and trends (e.g., blockchain, digital currencies, e-checks, ML)
• Knowledge & experience integrating industry best practice Fraud Management solutions for Banking Mobile Apps

Technical Competencies

• Knowledge of conducting Threat Modeling using frameworks of choice.
• Hands-on Penetration testing experience (OWASP Top 10 or similar), API Security & Mobile Security (Mobile OWASP Top 10)
• Deep understanding of Infrastructure Security including but not limited to Containers, Virtual Machines, Operating Systems, Databases, and Interfaces such as payment switches, APIs, event-streaming systems, file transfer systems.
• Experience with end-end to security requirements and solutioning via collaboration with peer architects, tech leads and associated stakeholders.
• Experience in Development of standards, patterns, and best practices for reuse. Promotion of design adherence to bank policies, standards, architectural principles, and guidelines
• Must be able to create security solution-oriented presentations for Senior Technical and/or Business Leaders
• Must be able to tailor language and communication based on the audience

Behavioral Competencies Thinking Related People Related Self Related

• Autonomous decision-making ability with minimal guidance
• High learning potential
• Delivery focused while ensuring the right balance of Customer Experience, Business Requirements, Performance, Reliability & Security
• High energy, enthusiasm & passion
• Excellent analytical & critical thinking skills.
• Excellent stakeholder, time management & expectation management skills

Mandate Skillsets :

1. Basic Mobile & Web Security

2. Build High Level Designs

3. Penetration testing Experience

4. Web/ Mobile Security Hand on experience.

5. Application Security Vulnerability Assessment

6. 5-6 Years of min Web or Mobile specific experience

7. RED Team

8. Security Auditing and OWASP

S​YNECHRON’S DIVERSITY & INCLUSION STATEMENT
 

Diversity & Inclusion are fundamental to our culture, and Synechron is proud to be an equal opportunity workplace and is an affirmative action employer. Our Diversity, Equity, and Inclusion (DEI) initiative ‘Same Difference’ is committed to fostering an inclusive culture – promoting equality, diversity and an environment that is respectful to all. We strongly believe that a diverse workforce helps build stronger, successful businesses as a global company. We encourage applicants from across diverse backgrounds, race, ethnicities, religion, age, marital status, gender, sexual orientations, or disabilities to apply. We empower our global workforce by offering flexible workplace arrangements, mentoring, internal mobility, learning and development programs, and more.

All employment decisions at Synechron are based on business needs, job requirements and individual qualifications, without regard to the applicant’s gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.

Candidate Application Notice