Sr. Lead Cybersecurity Architect

Established in 2008, Geidea epitomizes customer focused empowerment and commercial success through continuous innovation.

Geidea makes best in class digital payment solutions available for all by attracting and leveraging the best creative & entrepreneurial talent in the market

Our solutions give any business the chance to get ahead and reach for more no matter their size or maturity.

Our technology mirrors our people - Smart, Innovative & Forward Thinking

www.geidea.net

To maintain a competitive advantage as we grow, we are currently looking for a new "Sr. Lead Cybersecurity Architect"

Job purpose:

Lead the design, governance, and continuous improvement of the organization's cybersecurity architecture across IT infrastructure environments (on-premises, private cloud, and public cloud). This role is accountable for establishing and enforcing security architecture standards, ensuring alignment with regulatory requirements, and providing architectural oversight for all technology changes impacting the security posture of payment processing systems and enterprise infrastructure.

The Senior Lead serves as the primary security architecture authority, working cross-functionally with Technology, Product, and Risk teams to embed security-by-design principles into all initiatives while enabling business agility and innovation

Responsibilities:

• Security Architecture Standards, Develop and maintain security architectures, design requirements, and hardening baselines for infrastructure, Network, and applications components.
• Lead Security Reviews for Changes, Review and approve/reject infrastructure, network, and application changes from a security perspective. Represent cybersecurity in CAB and architecture review sessions.
• Threat Modelling, Lead threat modelling sessions for new projects, system changes, API, Microservices, and third-party integrations. Identify threats, attack vectors, and security requirements during the design phase.
• Secure Third-Party Integrations, Assess and define security requirements for vendor integrations, APIs, and external connections. Ensure third party integrations doesn't introduce unacceptable risk.
• Security Infrastructure & Data Protection, Design network segmentation, IAM/PAM architecture, encryption strategy, and key management (HSM/KMS).
• Define security requirements for disaster recovery and ensure security controls are maintained during failover.
• Security Technology Evaluation, Assess and recommend security tools and technologies. Lead proof-of-concept evaluations, define technical requirements, and support vendor selection for security solutions

Qualifications:

• 3-7 Years of experience
• Bachelor’s degree in computer engineering, computer science, Information Technology.
• Sound experience in PCI-DSS, NCA, SAMA CSF.
• Hands-on experience designing security for hybrid environments (on-prem set up , private cloud , public cloud - AWS)
• Background in financial services, payments, or fintech PCI-DSS scoped environment
• Network Security: Firewalls (Palo Alto, Fortinet), IDS/IPS, network segmentation, micro-segmentation, Zero Trust architecture
• AWS Security: VPC architecture, IAM, KMS, Security Hub, GuardDuty, CloudTrail.
• Private Cloud: VMware vSphere security, NSX micro-segmentation, hypervisor hardening
• Identity & Access: Active Directory security, Azure AD, SAML/OIDC federation, IAM & PAM solutions
• Data Protection: Encryption architecture, key management (HSM, KMS), data classification, tokenization
• Security Tools: SIEM, vulnerability management, endpoint protection platforms
• Application Security: API security (OAuth, JWT, mTLS), secure architecture patterns, threat modeling

Certifications

• CISSP, CCSP, AWS Certification, SABSA, TOGAF, CISM, CCSK.

Our values guide how we think and act - They describe what we care about the most

C ustomer first - It’s embedded in our design thinking and customer service approach

O pen - Openness allows us to constantly improve and evolve

R eal - No jargon and no excuses!

B old - Constantly challenging ourselves and our way of thinking.

R esilient – If we fail, we bounce back stronger than before.

C ollaborative - We know that we can achieve a lot more as a team.

We are changing lives by constantly striving for a better solution.