Job Purpose

The ESB & Digital Channels Security Specialist safeguards the bank’s integration fabric and customer-facing digital platforms by ensuring the confidentiality, integrity, and availability of services that traverse the Enterprise Service Bus (ESB) and all digital channels (mobile banking, internet banking, agency banking, USSD, card switch, open APIs).

The role designs and enforces security controls for APIs, services, and channel applications; continuously monitors for threats and anomalies; manages access and certificates/keys; and drives secure change, patching, and incident response across the integration and channels estate.

Working closely with Architects, Digital Banking, Core Banking, Network/SOC, Risk, and Vendor teams, the specialist ensures every service integration and channel release adheres to security standards and regulatory requirements, reduces fraud and cyber exposure, and maintains resilient, compliant, and trusted digital banking experiences.

Principle Responsibilities

• Secure the middleware layer (ESB) and the APIs that connect critical systems.
• Manage API security gateways and Proxies to enforce security policies, rate limiting, and threat protection for internal and external APIs.
• Conduct security reviews on ESB and Digital Channels.
• Coordinate Security assessments and penetration tests on ESB and Digital Channels.
• Implement security controls to protect against common attacks on digital channels.
• Own security patterns for ESB/API gateway and channel integrations.
• Enforce certificates lifecycle within the ESB and digital channel platforms.
• Design API & channel security monitoring use cases in SIEM/Fraud systems.
• Conduct threat modeling for new channel features and partner APIs.
• Manage secrets, keys, and tokens with HSM/KMS and rotation policies.
• Security testing for channels (DAST/mobile app assessments, API pen tests).
• Collaborate on WAF/API gateway policies and bot management.
• Review SDKs & mobile app hardening (obfuscation, anti-tamper, cert pinning).
• Validate logging & traceability across ESB, channels, and backends.
• Serve as the primary security expert to ESB And Digital Channels Platforms.
• Any other roles and responsibilities as may be assigned by management.

Qualifications Required

• Bachelor’s degree in computer science, Cyber Security, Software engineering or related academic field.
• Industry certifications such as CISSP, CEH, OSCP, or CSSLP are a plus.
• Minimum of 3 years of experience in Cyber Security and Strong foundation of the required skills and knowledge through integration or channels security within financial services.

• ·ESB Platforms and their complexities, interrelations with digital channels.
• Certificates life cycle management, Secure coding standards solid understanding.
• Mobile and web security understanding.
• Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS).
• Basic knowledge of DevSecOps, CI/CD pipeline security, and cloud platforms.
• Understanding of ICT infrastructure, networks, and application development.
• Analytical and problem-solving skills, especially in identifying and mitigating security risks.
• Basic project management and documentation skills.
• API security policy design and gateways configuration.
• TLS/cert lifecycle automation and secrets management.
• SIEM use-case design for API/channel telemetry.
• Secure onboarding of third-party fintech partners.
• Hands-on with API gateways/ESB and channel protection measures

• Secure the middleware layer (ESB) and the APIs that connect critical systems.
• Manage API security gateways and Proxies to enforce security policies, rate limiting, and threat protection for internal and external APIs.
• Conduct security reviews on ESB and Digital Channels.
• Coordinate Security assessments and penetration tests on ESB and Digital Channels.
• Implement security controls to protect against common attacks on digital channels.
• Own security patterns for ESB/API gateway and channel integrations.
• Enforce certificates lifecycle within the ESB and digital channel platforms.
• Design API & channel security monitoring use cases in SIEM/Fraud systems.
• Conduct threat modeling for new channel features and partner APIs.
• Manage secrets, keys, and tokens with HSM/KMS and rotation policies.
• Security testing for channels (DAST/mobile app assessments, API pen tests).
• Collaborate on WAF/API gateway policies and bot management.
• Review SDKs & mobile app hardening (obfuscation, anti-tamper, cert pinning).
• Validate logging & traceability across ESB, channels, and backends.
• Serve as the primary security expert to ESB And Digital Channels Platforms.
• Any other roles and responsibilities as may be assigned by management.

• API security policy design and gateways configuration.
• TLS/cert lifecycle automation and secrets management.
• SIEM use-case design for API/channel telemetry.
• Secure onboarding of third-party fintech partners.
• Hands-on with API gateways/ESB and channel protection measures.

• Bachelor’s degree in computer science, Cyber Security, Software engineering or related academic field.
• Industry certifications such as CISSP, CEH, OSCP, or CSSLP are a plus.
• Minimum of 3 years of experience in Cyber Security and Strong foundation of the required skills and knowledge through integration or channels security within financial services.
• ESB Platforms and their complexities, interrelations with digital channels.
• Certificates life cycle management, Secure coding standards solid understanding.
• Mobile and web security understanding.
• Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS).
• Basic knowledge of DevSecOps, CI/CD pipeline security, and cloud platforms.
• Understanding of ICT infrastructure, networks, and application development.
• Analytical and problem-solving skills, especially in identifying and mitigating security risks.
• Basic project management and documentation skills.