We are seeking a Network Security Architect to design and implement secure, resilient network solutions for our digital banking initiatives.
Responsibilities
- Produce and guide teams producing As-Is Security Architecture assessments, Target Security Architectures and High-Level Security Design Documents and LLDs for major banking change programs
- Deliver security design across REST APIs, Microservices, eventing, batch, integration gateways and secure data flows within highly regulated payments environments
- Assess solution designs created by Payments Architects, identify security gaps, evaluate risk and recommend secure design patterns
- Track and manage security design decisions, articulate risk-based options and negotiate with Technology, Business and Risk stakeholders
- Dig into technical details such as protocols, data flows, infra, APIs, application behaviours and implementation constraints
- Influence teams and stakeholders on secure-by-design principles through clear verbal and written communication
- Secure cloud, container and hybrid platforms including OpenShift, Kubernetes and service mesh
Requirements
- 7-9+ years' experience in network security management
- Background in large banking transformation programs in a Security Architecture role
- Expertise in core security standards and mechanisms including OAUTH2, OIDC and SAML2
- Proficiency in MTLS/PKI, encryption and tokenization
- Skills in HSMs, secrets management, network zoning and firewall rules
- Understanding of financial regulatory frameworks such as PSD2/RTS SCA, SWIFT CSP and PCI DSS
- Knowledge of EBA guidelines, local regulators and Irish and European financial regulations
- SABSA preferred, TOGAF or equivalent acceptable
- Advanced proficiency in English (B2+/C1)
Nice to have
- Background in security oversight or design experience on payment engines/platforms such as FIS, ACI and Temenos
- Full-stack or application engineering background prior to moving into Security Architecture
- Expertise in defining Infrastructure Security Architectures for high availability, resilience and operational risk controls including WAF, DDoS and SIEM
- Skills in designing secure data architectures, data classifications and key entity protection
- Exposure to DevSecOps practices, CI/CD security tooling and software supply chain protections
We offer
- We gather like-minded people:
- Engineering community of industry professionals
- Friendly team and enjoyable working environment
- Flexible schedule and opportunity to work remotely within Poland
- Chance to work abroad for up to 60 days annually
- Business-driven relocation opportunities
- We provide growth opportunities:
- Outstanding career roadmap
- Leadership development, career advising, soft skills, and well-being programs
- Certification (GCP, Azure, AWS)
- Unlimited access to LinkedIn Learning, Get Abstract, Cloud Guru
- English classes
- We cover it all:
- Stable income (Employment Contract or B2B)
- Participation in the Employee Stock Purchase Plan
- Benefits package (health insurance, multisport, shopping vouchers)
- Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
- Referral bonuses
- Corporate, social and well-being events
- Please, note:
- The set of bonuses might vary based on the role you apply for – specifics will be discussed with our recruiter during the general interview.
- We will reach out to selected candidates exclusively.
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.