jobs in Encora Inc.

Encora Inc. Hiring! Full Time Principal Digital Security Architect in Federal Territory - Ricebowl

Principal Digital Security Architect

Encora Inc.

Undisclosed

KL City, Federal Territory

Share
Save

Working Location

  • Kuala Lumpur Federal Territory Malaysia

Job Description

Responsibilities

Key Responsibilities

  • API & Ecosystem Architecture
  • The API Fortress: Architect the security layer for our API Gateway (e.g., Kong,

Apigee, AWS Gateway). Define global policies for Rate Limiting, Throttling, and

Authorization (preventing BOLA/IDOR attacks).

  • Supply Chain Security: Design secure integration patterns for our 3rd party partners

(Fintechs, Credit Bureaus, Payment Processors). Ensure their insecurities do not

become our breaches.

  • Microservices Mesh: Define how our internal services trust each other. Move from

"Network Trust" to "Cryptographic Trust" using mTLS and Service-to-Service

authentication.

  • Identity & Access Management (CIAM)
  • Identity Strategy: Own the architecture for Customer Identity (CIAM). Design flows for

Biometric Binding, Adaptive MFA, and Step-Up Authentication for high-value

transactions.

  • Token Lifecycle: Define the standards for OAuth 2.0 and OpenID Connect (OIDC).

Ensure we are using Financial-grade API (FAPI) standards for token issuance,

revocation, and storage.

  • Secure Development Lifecycle (SDLC)
  • Threat Modeling: Lead "Whiteboard Hacking" sessions with product owners. Identify

business logic flaws (e.g., race conditions in ledgers, bypassable KYC steps) before a

single line of code is written.

  • Paved Roads: Work with DevOps to architect secure-by-default libraries. (Example:

Create a standard "Encryption Wrapper" library that all developers must use, so they

don't invent their own crypto).

  • Data Privacy & Cryptography
  • Data Defense: Define the architecture for Field-Level Encryption (FLE) in the

database for PII and Banking Secrets.

  • Privacy Engineering: Architect systems that support "Right to be Forgotten"

(GDPR/CCPA) without breaking the immutability of the financial ledger.

Strategic Deliverables

  • Identity Patterns: Deliver new security design patterns and components for

authentication, authorization, SSO, MFA, and Partner security to ensure seamless and

secure user access.

  • Mobile & Edge: Deliver new security design patterns and components for Mobile

security, ensuring consistency between iOS, Android, and the backend.

  • Modern Tech Stack: Deliver API, container, cloud, and AI security design patterns to

support the bank's move toward intelligent, cloud-native infrastructure.

What We Are Looking For

  • The Background
  • 8+ Years Experience: A mix of Software Engineering and Security Architecture.
  • Ex-Developer: You must be able to read code (Java, Kotlin, React or Node.js, ).
  • Banking/Fintech Experience: Strong preference for candidates who have secured

payment gateways, ledgers, or wallets.

  • The Technical Skills
  • API Security: Deep mastery of REST and GraphQL security.
  • Auth Protocols: You can draw the OAuth 2.0 Authorization Code Flow with PKCE

from memory. You understand JWT signing and JWKS key rotation.

  • Mobile Security: Understanding of how mobile apps store secrets

(KeyStore/Keychain) and how to prevent API abuse from emulators/bots.

  • The Mindset
  • Business Aligned: You understand that a bank exists to process transactions. You

design security that reduces risk without destroying the User Experience (UX).

  • Pragmatic: You know when to demand a "Blocker" fix and when to accept a "Risk

Acceptance" waiver.

Important Information

Never provide your bank or credit card details when applying for jobs. Do not transfer any money or complete unrelated online surveys. If you see something suspicious, Report this Job ad.

Learn More