Job Summary
The Lead, Security Engineering & Architecture will be responsible for optimizing and maintaining MoMo PSB’s security architecture to protect networks and systems. This role ensures operational and commercial excellence through robust security engineering practices and strategic planning.
Reports to: Chief Information Security Officer (CISO)
Responsibilities
- Define, plan, architect, and coordinate the implementation and maintenance of information security tools.
- Optimize and standardize information security across the enterprise.
- Manage product and infrastructure lifecycle and roadmaps across IT infrastructure, mobile, and application platforms.
- Product and infrastructure lifecycle management and roadmaps across all IT infrastructure, mobile and application platforms
- Develop short-term, medium-term, and long-term tactical and strategic security plans.
- Ensure compliance with regulatory requirements (ISO27001, PCIDSS, NDPR, etc.).
- Implement multi-factor authentication, single sign-on, identity management, and related technologies.
- Conduct risk assessments and manage current security risks.
- Stay updated on security products, tools, and industry trends, including mobile security, network protocols, operating systems, and application security.
Qualifications
Education
- First degree in Information Technology, Information Systems, Engineering or related field
- Relevant postgraduate education is an advantage
- Professional certifications in CISSP, CISM, CEH
Experience
- 3 – 8 years of relevant work experience in cybersecurity & security engineering
- Minimum of 3 years’ experience in FinTech, Banking, or Financial Services.
- Deep understanding of the FinTech ecosystem, business models, and industry best practices.
- Knowledge of technical security disciplines, security architecture, engineering, and solution delivery.
- Familiarity with security frameworks, cryptography, authentication, and authorization.
- Additional architectural qualifications (ITIL, TOGAF, COBIT) preferred.
- Knowledge and experience across security products, tools, and industry trends: e.g. Mobile Security, Hardware Configuration, Network Protocols, Networking Standards, Windows, Linux and Unix operating systems, Application Security, Data Security, Application integration and Infrastructure Security, Security Frameworks, security attacks pathologies, wired and wireless security, and cyber laws and ethics