Security Architect

If you are looking to excel and make a difference, take a closer look at us…

Overview:

The Enterprise Security Architect will define the overarching security strategy and architectural frameworks for Hong Leong Bank (HLB). Reporting to the Head of Technology Architecture, this individual will ensure that all business platforms-from retail mobile apps to corporate banking portals-are designed with a security-first mindset that satisfies the multi-jurisdictional requirements of our regional presence.

Core Responsibilities:

• Regional Security Blueprinting: Establish unified security architecture patterns that harmonize Bank Negara Malaysia (BNM) RMiT requirements with MAS (Singapore), NBC (Cambodia), SBV (Vietnam), and HKMA (Hong Kong) regulations.

• App-Layer Strategy (Primary): Design the strategic security architecture for Open Banking, API orchestrations, and the HLB digital core. Define standards for end-to-end payload encryption and regional identity federation.

• Cross-Border Data Strategy: Design the architectural guardrails for regional data flows, ensuring cross-border privacy compliance and localized data residency requirements.

• Architectural Governance: Act as the lead security design authority within the Group Architecture Review Board (ARB), providing Go/No-Go advisory on the security viability of regional project designs.

Architectural Requirements

• Financial Services Security: Expert-level design of secure customer journeys, including Multi-Factor Authentication (MFA) strategies and biometric integration patterns.

• Modern Interface Security: Designing security blueprints for APIs, Microservices, and Cloud-Native applications.

• Payment Security: Good knowledge of securing the payment lifecycle to maintain PCI-DSS compliance across regional switching and processing hubs.

• Hybrid Cloud Design: Defining the security strategy for workloads spanning on-premise data centers and public cloud providers (AWS/Azure/Google Cloud).

• Network Topology: Architecting the high-level security zones for regional MPLS/SD-WAN connectivity, ensuring secure segmentation between country-specific branches and Group HQ.

• Zero Trust: Drafting the roadmap for a perimeter-less architecture to support a mobile, regional workforce.

Framework Proficiency & Experience

• Compliance Standards: Expert knowledge of PCI-DSS (Payment Card Industry Data Security Standard) and its application in architectural design.

• Regulatory Knowledge: Familiarity with regional fintech regulations (e.g., BNM RMiT, MAS TRM, and HKMA security guidelines).

• Education & Experience: 10+ years in IT, with 5+ years in a Senior Security Architecture role within a regional or global banking group.

• Methodology: Strong alignment with TOGAF for enterprise-wide architectural consistency.

For more job opportunities, please go to HLB Careers: