Senior Security Architect (Mobile & Web Security, Penetration Testing, OWASP, API Security)

Software Requirements:

• Basic Mobile & Web Security
• Penetration testing experience
• Web/Mobile Security hands-on experience
• Application Security Vulnerability Assessment
• RED Team
• Security Auditing and OWASP

Overall Responsibilities:

• Provide security expertise and solutions for customer-facing mobile apps and their associated ecosystems.
• Collaborate with the Delivery Head & Lead in the business/functional domain to ensure secure delivery of solutions.
• Design, propose, and implement security solutions to combat digital fraud in banking mobile apps.
• Ensure compliance with global and regional regulatory requirements related to banking and financial services.
• Develop and enforce security standards, patterns, and best practices.
• Conduct threat modeling and prescribe balanced security requirements for mobile apps and their integrated ecosystems.
• Assess and integrate third-party technology solutions from a security perspective.
• Create security solution-oriented presentations for senior technical and business leaders.
• Tailor communication based on the audience.

Technical Skills:

Mobile Application Security:

• At least 7 years of experience in securing iOS & Android mobile apps and their ecosystems.
• Deep knowledge of iOS & Android native controls and third-party components.
• Experience in implementing key controls for mobile apps, especially on native apps and APIs (both ingress & egress).
• Knowledge of API Security Standards for secure interoperability between banking systems.

Threat Modeling and Penetration Testing:

• Knowledge of conducting threat modeling using frameworks of choice.
• Hands-on penetration testing experience (OWASP Top 10 or similar), API Security, and Mobile Security (Mobile OWASP Top 10).

Infrastructure Security:

• Deep understanding of infrastructure security including containers, virtual machines, operating systems, databases, and interfaces such as payment switches, APIs, event-streaming systems, and file transfer systems.

Regulatory Compliance:

• Deep understanding of global and regional regulatory requirements related to banking and financial services (e.g., PCI-DSS).
• Experience in implementing security solutions to ensure compliance with regulatory requirements.

Development and Integration:

• Experience in developing standards, patterns, and best practices for reuse.
• Ability to assess and integrate third-party technology solutions into banking mobile apps from a security perspective.
• Knowledge & experience in integrating industry best practice fraud management solutions for banking mobile apps.

Experience:

• 10-12 years of technology experience with a focus on banking mobile apps and their security features.
• Extensive experience with securing iOS & Android mobile apps and their ecosystems.
• Proven track record of designing and proposing security solutions to combat digital fraud in banking mobile apps.
• Experience in implementing security solutions to ensure compliance with regulatory requirements.
• Hands-on penetration testing experience and familiarity with OWASP standards.

Day-to-Day Activities:

• Provide security expertise and solutions for customer-facing mobile apps.
• Collaborate with cross-functional teams to develop and implement secure solutions.
• Conduct threat modeling and prescribe balanced security requirements.
• Assess and integrate third-party technology solutions from a security perspective.
• Create and deliver security solution-oriented presentations for senior technical and business leaders.
• Continuously monitor and improve the security of mobile apps and their ecosystems.

Qualifications:

• Degree or postgraduate degree in Computer Science or a related field (or equivalent industry experience).
• Extensive knowledge and experience in securing mobile and web applications.
• Hands-on experience with penetration testing, application security vulnerability assessment, and security auditing.

Soft Skills:

• Autonomous decision-making ability with minimal guidance.
• High learning potential and adaptability.
• Delivery-focused while ensuring a balance of customer experience, business requirements, performance, reliability, and security.
• High energy, enthusiasm, and passion for security.
• Excellent analytical and critical thinking skills.
• Strong stakeholder, time management, and expectation management skills.
• Excellent communication and interpersonal skills for interacting with senior and executive management.

S​YNECHRON’S DIVERSITY & INCLUSION STATEMENT
 

Diversity & Inclusion are fundamental to our culture, and Synechron is proud to be an equal opportunity workplace and is an affirmative action employer. Our Diversity, Equity, and Inclusion (DEI) initiative ‘Same Difference’ is committed to fostering an inclusive culture – promoting equality, diversity and an environment that is respectful to all. We strongly believe that a diverse workforce helps build stronger, successful businesses as a global company. We encourage applicants from across diverse backgrounds, race, ethnicities, religion, age, marital status, gender, sexual orientations, or disabilities to apply. We empower our global workforce by offering flexible workplace arrangements, mentoring, internal mobility, learning and development programs, and more.

All employment decisions at Synechron are based on business needs, job requirements and individual qualifications, without regard to the applicant’s gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.

Candidate Application Notice