Principal Digital Security Architect

Posted about 4 hours ago

Workplace: Office | Location: Kuala Lumpur | Experience: SE

Key Responsibilities
1. API & Ecosystem Architecture
● The API Fortress: Architect the security layer for our API Gateway (e.g., Kong,
Apigee, AWS Gateway). Define global policies for Rate Limiting, Throttling, and
Authorization (preventing BOLA/IDOR attacks).
● Supply Chain Security: Design secure integration patterns for our 3rd party partners
(Fintechs, Credit Bureaus, Payment Processors). Ensure their insecurities do not
become our breaches.
● Microservices Mesh: Define how our internal services trust each other. Move from
"Network Trust" to "Cryptographic Trust" using mTLS and Service-to-Service
authentication.

2. Identity & Access Management (CIAM)
● Identity Strategy: Own the architecture for Customer Identity (CIAM). Design flows for
Biometric Binding, Adaptive MFA, and Step-Up Authentication for high-value
transactions.
● Token Lifecycle: Define the standards for OAuth 2.0 and OpenID Connect (OIDC).
Ensure we are using Financial-grade API (FAPI) standards for token issuance,
revocation, and storage.

3. Secure Development Lifecycle (SDLC)
● Threat Modeling: Lead "Whiteboard Hacking" sessions with product owners. Identify
business logic flaws (e.g., race conditions in ledgers, bypassable KYC steps) before a
single line of code is written.
● Paved Roads: Work with DevOps to architect secure-by-default libraries. (Example:
Create a standard "Encryption Wrapper" library that all developers must use, so they
don't invent their own crypto).

4. Data Privacy & Cryptography
● Data Defense: Define the architecture for Field-Level Encryption (FLE) in the
database for PII and Banking Secrets.
● Privacy Engineering: Architect systems that support "Right to be Forgotten"
(GDPR/CCPA) without breaking the immutability of the financial ledger.

Strategic Deliverables
● Identity Patterns: Deliver new security design patterns and components for
authentication, authorization, SSO, MFA, and Partner security to ensure seamless and
secure user access.
● Mobile & Edge: Deliver new security design patterns and components for Mobile
security, ensuring consistency between iOS, Android, and the backend.
● Modern Tech Stack: Deliver API, container, cloud, and AI security design patterns to
support the bank's move toward intelligent, cloud-native infrastructure.

What We Are Looking For

1. The Background
● 8+ Years Experience: A mix of Software Engineering and Security Architecture.
● Ex-Developer: You must be able to read code (Java, Kotlin, React, or Node.js).
● Banking/Fintech Experience: Strong preference for candidates who have secured
payment gateways, ledgers, or wallets.

2. The Technical Skills
● API Security: Deep mastery of REST and GraphQL security.
● Auth Protocols: You can draw the OAuth 2.0 Authorization Code Flow with PKCE
from memory. You understand JWT signing and JWKS key rotation.
● Mobile Security: Understanding of how mobile apps store secrets
(KeyStore/Keychain) and how to prevent API abuse from emulators/bots.

3. The Mindset
● Business Aligned: You understand that a bank exists to process transactions. You
design security that reduces risk without destroying the User Experience (UX).
● Pragmatic: You know when to demand a "Blocker" fix and when to accept a "Risk
Acceptance" waiver.

Coforge Limited is a global AI-native engineering and digital services leader, where artificial intelligence is core to how we design, build, and deliver intelligent, scalable solutions for enterprises across BFSI, travel, transportation, healthcare, and insurance.

Key team members

Partha Anbil
Brian Glidden
Mike Himley
Rajeev Pandey
