Logo-of-Encora-Inc.-hiring-for-jobs-in-Malaysia-on-GrabJobs

Principal Digital Security Architect

icon building Syarikat : Encora Inc.
icon briefcase Jenis Pekerjaan : Sepenuh Masa

Bilangan Pemohon

 : 

000+

Click to reveal the number of candidates who applied for this job.
icon loader
Mohon Sekarang
icon loader Mohon Sekarang

Let AI Supercharge Your Job Hunt!

JobCopilot scans 500,000+ company career sites daily to find jobs for you

Never miss an opportunity Save hours by auto-filling applications forms Land more interviews with tailored applications
happy man
thunder iconActivate JobCopilot

Penerangan Pekerjaan - Principal Digital Security Architect

Key Responsibilities 
1. API & Ecosystem Architecture 
● The API Fortress: Architect the security layer for our API Gateway (e.g., Kong, 
Apigee, AWS Gateway). Define global policies for Rate Limiting, Throttling, and 
Authorization (preventing BOLA/IDOR attacks).  
● Supply Chain Security: Design secure integration patterns for our 3rd party partners 
(Fintechs, Credit Bureaus, Payment Processors). Ensure their insecurities do not 
become our breaches. 
● Microservices Mesh: Define how our internal services trust each other. Move from 
"Network Trust" to "Cryptographic Trust" using mTLS and Service-to-Service 
authentication. 


2. Identity & Access Management (CIAM) 
● Identity Strategy: Own the architecture for Customer Identity (CIAM). Design flows for 
Biometric Binding, Adaptive MFA, and Step-Up Authentication for high-value 
transactions. 
● Token Lifecycle: Define the standards for OAuth 2.0 and OpenID Connect (OIDC). 
Ensure we are using Financial-grade API (FAPI) standards for token issuance, 
revocation, and storage. 


3. Secure Development Lifecycle (SDLC) 
● Threat Modeling: Lead "Whiteboard Hacking" sessions with product owners. Identify 
business logic flaws (e.g., race conditions in ledgers, bypassable KYC steps) before a 
single line of code is written. 
● Paved Roads: Work with DevOps to architect secure-by-default libraries. (Example: 
Create a standard "Encryption Wrapper" library that all developers must use, so they 
don't invent their own crypto). 


4. Data Privacy & Cryptography 
● Data Defense: Define the architecture for Field-Level Encryption (FLE) in the 
database for PII and Banking Secrets. 
● Privacy Engineering: Architect systems that support "Right to be Forgotten" 
(GDPR/CCPA) without breaking the immutability of the financial ledger. 
Strategic Deliverables 
● Identity Patterns: Deliver new security design patterns and components for 
authentication, authorization, SSO, MFA, and Partner security to ensure seamless and 
secure user access. 
● Mobile & Edge: Deliver new security design patterns and components for Mobile 
security, ensuring consistency between iOS, Android, and the backend. 
● Modern Tech Stack: Deliver API, container, cloud, and AI security design patterns to 
support the bank's move toward intelligent, cloud-native infrastructure. 


What We Are Looking For 


1. The Background 
● 8+ Years Experience: A mix of Software Engineering and Security Architecture. 
● Ex-Developer: You must be able to read code (Java, Kotlin, React or Node.js, ).  
● Banking/Fintech Experience: Strong preference for candidates who have secured 
payment gateways, ledgers, or wallets. 


2. The Technical Skills 
● API Security: Deep mastery of REST and GraphQL security. 
● Auth Protocols: You can draw the OAuth 2.0 Authorization Code Flow with PKCE 
from memory. You understand JWT signing and JWKS key rotation. 
● Mobile Security: Understanding of how mobile apps store secrets 
(KeyStore/Keychain) and how to prevent API abuse from emulators/bots. 


3. The Mindset 
● Business Aligned: You understand that a bank exists to process transactions. You 
design security that reduces risk without destroying the User Experience (UX). 
● Pragmatic: You know when to demand a "Blocker" fix and when to accept a "Risk 
Acceptance" waiver.

Original job Principal Digital Security Architect posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Mohon Sekarang
Share Job
Share Job

Auto-Apply to Principal Digital Security Architect Jobs with your AI JobCopilot

thunder icon Auto-Apply with AI

Similar Principal Digital Security Architect Jobs in Malaysia

GrabJobs ialah portal pekerjaan no1 di Malaysia, menghubungkan anda dengan beribu-ribu pekerjaan dengan pantas! Cari kerja terbaik di Malaysia, mohon dalam 1 klik dan dapatkan pekerjaan hari ini!

Aplikasi Mudah Alih

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.