The Security Architect is responsible for designing, enhancing, and governing the bank’s security architecture across applications, infrastructure, cloud, data, and emerging technologies. The role ensures that security controls are embedded into technology designs, aligned with HKMA regulatory requirements, and capable of supporting the bank’s long term cyber resilience strategy. This position partners closely with IT, business units, project teams, and senior management to provide expert guidance on secure design and risk mitigation.
Key Responsibilities
Security Architecture Design & Governance
• Develop and maintain enterprise security architecture frameworks, reference architectures, and security design patterns.
• Define security principles, standards, and guardrails for applications, infrastructure, cloud, APIs, and data platforms.
• Review solution architectures, technical designs, and integration models to ensure alignment with security requirements.
• Provide expert guidance on secure network segmentation, identity architecture, encryption, key management, and zero trust principles.
• Ensure architecture decisions support scalability, resilience, and operational feasibility.
• Serve as the security architect for new projects, system enhancements, and technology initiatives.
• Conduct threat modelling, architecture risk assessments, and design reviews.
• Identify security gaps and recommend pragmatic, risk based mitigation measures.
• Collaborate with project managers, developers, infrastructure teams, and vendors to embed security early in the lifecycle.
• Define cloud security architecture for IaaS, PaaS, SaaS, and hybrid environments.
• Guide secure adoption of containers, Kubernetes, CI/CD pipelines, and DevSecOps practices.
• Evaluate emerging technologies (AI/ML, APIs, microservices, mobile, fintech integrations) for security implications.
• Ensure secure configuration baselines, identity models, and monitoring capabilities for cloud workloads.
• Provide architectural oversight for key security technologies such as IAM, PAM, SIEM, SOAR, EDR, DLP, WAF, and network security platforms.
• Ensure security tools integrate effectively with enterprise systems and support detection, response, and governance needs.
• Recommend enhancements to monitoring, logging, and incident response capabilities.
• Support the definition of security requirements for vendor solutions and third party integrations.
• Develop architecture documentation, security standards, and design guidelines.
• Present architecture decisions, risks, and recommendations to senior management and governance committees.
• Support regulatory inspections, internal audits, and external assessments.
• Act as a trusted advisor to IT and business stakeholders, promoting a culture of secure by design.
Qualifications & Experience
• Bachelor’s degree in Information Security, Computer Science, or related field.
• 8–12+ years of experience in security architecture, solution architecture, or senior security engineering roles.
• Strong knowledge of application security, network security, cloud security, identity architecture, and data protection.
• Hands on experience with cloud platforms (Azure, AWS), IAM/PAM, SIEM, EDR, WAF, and encryption technologies.
• Possession of relevant HKMA ECF Certifications in Cybersecurity.
Key Competencies
• Strategic thinker with strong technical depth.
• Ability to translate complex security concepts into clear, actionable guidance.
• Excellent communication and stakeholder management skills.
• Strong analytical, problem solving, and decision making capabilities.
• Proactive, collaborative, and committed to continuous improvement.
About Dah Sing Bank
Dah Sing Bank, Limited is a wholly-owned subsidiary of Dah Sing Banking Group (HKG:2356) which is listed on the Hong Kong Stock Exchange. Founded in Hong Kong over 70 years ago, Dah Sing Bank has been providing quality banking products and services to our customers with a vision to be “The Local Bank with a Personal Touch”. Over the years, the Bank has been rigorous in delivering on our brand promise to grow with our customers in Hong Kong, the Greater Bay Area and beyond – "Together We Progress and Prosper". Building on our experience and solid foundation in the industry, the Bank’s scope of professional services now spans retail banking, private banking, business and commercial banking. Meanwhile, the Bank is also making significant investments in our digital banking capabilities to stay abreast with smart banking developments in Hong Kong and to support financial inclusion at large.
In addition to its Hong Kong banking operations, Dah Sing Bank also has wholly-owned subsidiaries including Dah Sing Bank (China) Limited, Banco Comercial de Macau, and OK Finance Limited. It is also a strategic shareholder of Bank of Chongqing with a shareholding of about 15%. Dah Sing Bank and its subsidiaries now have around 70 branches operating in Hong Kong, Macau and Mainland China.
This Page is written by the Bank in English. Any automated translated text in other languages appearing on this Page is not written or provided by the Bank and the Bank shall not be liable for any related issue or error.
This service/product is not targeted at customers in the EU.
本專頁由本行以英文撰寫。於本專頁出現之任何其他語言自動翻譯版本並不由本行撰寫或提供,本行將不承擔任何相關問題或錯誤。
本服務/產品並不是以歐盟的人士為目標。
