Security Architect at Prime Bank Kenya

Job purpose:

The Security Architect is responsible for designing, building, and overseeing the implementation of complex security environments that protect the bank’s digital infrastructure and financial assets. You serve as the primary bridge between business objectives and technical security controls, ensuring that all systems are resilient against advanced cyber threats while remaining compliant with global financial regulations. By establishing enterprise-wide security standards and frameworks, you provide the strategic foundation that enables the bank to innovate safely in a rapidly evolving digital landscape.

Key responsibilities:

• Design and maintain a comprehensive enterprise security architecture that aligns with the bank’s business goals and regulatory requirements.
• Conduct rigorous security architecture reviews for all new IT projects, ensuring that security “by design” and “by default” principles are integrated from the start.
• Develop and enforce technical security standards for identity and access management (IAM), encryption, network segmentation, on all environments.
• Proactively identify architectural gaps and vulnerabilities within the bank’s existing ecosystem and propose scalable technical solutions to mitigate those risks.
• Collaborate with senior leadership and stakeholders to translate complex security requirements into actionable technical roadmaps and investment priorities.
• Oversee the selection and implementation of advanced security technologies, ensuring they integrate seamlessly with the bank’s current stack and long-term strategy.

Job Experience/Qualifications:

• Bachelor’s degree in information technology, Computer Science, Computer Information System, Cyber Security, Cyber Forensic or any equivalent field.
• Familiarity with industry standards, frameworks and regulations (e.g., ISO 27001, NIST, MITRE ATT&CK matrix etc.)
• Proficiency in using security tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability management tools.
• At least seven years’ post qualification experience.
• Extensive experience in designing security for financial systems, including knowledge of PCI-DSS, SWIFT CSP, and the Kenya Data Protection Act (2019), is mandatory.
• Candidates should ideally hold advanced professional certifications such as CISSP, CISM, SABSA, or TOGAF, along with role-specific cloud security certifications.
• Deep understanding of modern defence-in-depth strategies, including Zero Trust architecture, is required to protect the bank’s increasingly decentralized network.

Skills & Competencies:

• Exceptional strategic thinking and the ability to visualize the long-term security posture while maintaining focus on immediate technical risks.
• Strong leadership and stakeholder management skills are necessary to influence the Board and senior management on critical security investments.
• Demonstrate an advanced ability to perform risk-based decision-making, balancing security requirements with the bank’s need for operational agility.
• Excellent technical documentation skills are required to create architectural blueprints and compliance reports for submission to the Central Bank of Kenya.
• A proactive mindset toward innovation is essential for staying ahead of regional threat actors and adopting cutting-edge defences like AI-driven threat detection.
• Exhibit strong vendor management skills to ensure third-party service providers comply with the bank’s stringent security and privacy standards.