Network Security Architect

We are seeking a Network Security Architect to design and implement secure, resilient network solutions for our digital banking initiatives.

Responsibilities

• Produce and guide teams producing As-Is Security Architecture assessments, Target Security Architectures and High-Level Security Design Documents and LLDs for major banking change programs
• Deliver security design across REST APIs, Microservices, eventing, batch, integration gateways and secure data flows within highly regulated payments environments
• Assess solution designs created by Payments Architects, identify security gaps, evaluate risk and recommend secure design patterns
• Track and manage security design decisions, articulate risk-based options and negotiate with Technology, Business and Risk stakeholders
• Dig into technical details such as protocols, data flows, infra, APIs, application behaviours and implementation constraints
• Influence teams and stakeholders on secure-by-design principles through clear verbal and written communication
• Secure cloud, container and hybrid platforms including OpenShift, Kubernetes and service mesh

Requirements

• 7-9+ years' experience in network security management
• Background in large banking transformation programs in a Security Architecture role
• Expertise in core security standards and mechanisms including OAUTH2, OIDC and SAML2
• Proficiency in MTLS/PKI, encryption and tokenization
• Skills in HSMs, secrets management, network zoning and firewall rules
• Understanding of financial regulatory frameworks such as PSD2/RTS SCA, SWIFT CSP and PCI DSS
• Knowledge of EBA guidelines, local regulators and Irish and European financial regulations
• SABSA preferred, TOGAF or equivalent acceptable
• Advanced proficiency in English (B2+/C1)

Nice to have

• Background in security oversight or design experience on payment engines/platforms such as FIS, ACI and Temenos
• Full-stack or application engineering background prior to moving into Security Architecture
• Expertise in defining Infrastructure Security Architectures for high availability, resilience and operational risk controls including WAF, DDoS and SIEM
• Skills in designing secure data architectures, data classifications and key entity protection
• Exposure to DevSecOps practices, CI/CD security tooling and software supply chain protections