Solutions Architect

Role Summary

Design and own end-to-end architecture for mission-critical payment services and organization related systems, spanning real-time rails, API gateways, tokenisation frameworks, and settlement infrastructure ensuring scalability, fault tolerance, and regulatory compliance at national scale. Translate complex business and compliance requirements into technically rigorous, vendor-neutral architectural decisions. Define and enforce architecture standards, patterns, and guardrails across engineering squads without direct management authority. Lead technical due diligence on vendor and third-party integrations, evaluating against security, performance, and interoperability criteria. Collaborate with product, engineering, risk, and compliance stakeholders to align architecture with strategic roadmaps. Produce architecture decision records, reference architectures, and threat models that serve as institutional knowledge. Drive the reduction of technical debt through structured remediation roadmaps. Operate at the intersection of deep technical expertise and business outcome orientation, the definitive technical authority engineering teams consult before committing to consequential design decisions.

Key Responsibilities

1. Architecture Design and Technical Ownership Design end-to-end architectures for mission-critical payment services and organization related systems, real-time rails, API gateways, tokenisation frameworks, settlement engines, and reconciliation pipelines with explicit attention to fault tolerance, horizontal scalability, and sub-second latency at national transaction volumes. Own architecture decisions across the full system lifecycle, producing high-quality Architecture Decision Records (ADRs) and reference architectures that serve as durable institutional knowledge and canonical starting points for engineering squads.

2. Technical Standards, Governance, and Guardrails. Define and continuously evolve architecture standards, patterns, and anti-patterns across the engineering organisation covering API design, service communication, data modelling, and security baselines. Conduct structured architecture reviews for all material system changes, identify and track technical debt by severity and cost-of-carry, and produce remediation roadmaps that translate engineering priorities into business risk language leadership can act on.

3. Payment Protocol and Domain Expertise. Added advantage is ability to apply deep expertise in ISO 20022, ISO 8583, and EMVCo specifications to architecture decisions involving interoperability, scheme compliance, and cross-border linkages. Design real-time payment systems with explicit handling of network partitions, duplicate transaction detection, and graceful degradation under congestion and maintain current knowledge of evolving scheme rules and regulatory technical requirements before they become compliance gaps.

4. Security Architecture and Threat Modelling. Own payment system security architecture, covering HSM integration, cryptographic key management, mutual TLS, OAuth 2.0, and API authorisation frameworks. Review new and significantly changed systems, enforce data classification controls at the architecture layer, and ensure SBOM obligations and third-party vulnerability management are addressed at design stage rather than discovered during security assessment.

5. Vendor Evaluation and Third-Party Integration Architecture. Lead technical due diligence on vendor evaluations by assessing API quality, performance, security posture, regulatory fit, and architectural compatibility. Design integration architectures with explicit failure isolation and operational observability, produce structured build-vs-buy assessments, and define measurable technical requirements in vendor SLAs by translating architecture-level expectations into contractual obligations with clear criteria.

6. Cross-Functional Collaboration and Technical Communication. Partner with product management and business team to translate business and regulatory requirements into technically sound architecture proposals. Serve as a trusted technical advisor to engineering squads by unblocking design decisions without creating delivery bottlenecks. Communicate architectural decisions and trade-offs to management teams, regulators, and participant bank technology leaders with precision calibrated to each audience, and represent PayNet's architecture position in external technical working groups and participant integration forums.

7. Platform Modernisation and Technical Transformation. Lead architecture design for brownfield modernisation, including legacy system decomposition, database re-platforming, and API-first transformation, with explicit strategies for managing coexistence of old and new systems during transition. Evaluate new technologies through structured proof-of-concept methodologies with clear adoption criteria and explicit retirement plans for displaced technologies.

8. Operational Architecture and Resilience Engineering. Design for operational excellence from the architecture layer by specifying distributed tracing, structured logging, metrics instrumentation, and alerting thresholds as first-class architectural concerns.

Candidate Must Have

Architecture Foundations

• • End-to-end system ownership from requirements through production for financial transaction systems at scale
  • Distributed systems architecture, consistency models, eventual consistency trade-offs, and failure handling across distributed transaction flows
  • API design and governance, RESTful, event-driven, and asynchronous messaging patterns with versioning, backward compatibility, and contract management
  • Security architecture as a first-class concern, authentication, authorisation, encryption in transit and at rest, and secrets management

Technical Baseline

• • Relational database design for transactional workloads, PostgreSQL, Oracle, or equivalent including indexing strategy and query performance at scale
  • Message broker architecture, Kafka, RabbitMQ, IBM MQ, or equivalent with understanding of ordering guarantees and exactly-once delivery semantics
  • Cloud or hybrid infrastructure architecture on at least one major platform. AWS, GCP, or Azure
  • Container orchestration concepts, Docker and Kubernetes at architectural understanding level
  • Networking fundamentals, TLS/mTLS, load balancing, and network segmentation sufficient to reason about security boundaries and failure modes

You're a strong fit if you also have

• • Payment Domain Experience. Hands-on architecture experience with real-time payment systems processing 1,000+ TPS sustained, with explicit handling of idempotency, atomicity, and settlement finality
  • Working knowledge of at least one major payment standard: ISO 20022, ISO 8583, or EMVCo specifications
  • Architecture experience in a regulated financial environment, banking, payment networks, client servicing applications, or equivalent
  • Tokenisation architecture experience, EMVCo token framework, token vault design, or cryptographic binding for card-present or card-not-present environments
  • Database migration architecture, Oracle-to-PostgreSQL or equivalent at production scale
  • Cross-border payment architecture, correspondent banking flows, FX handling, or regional payment network linkages
  • Fraud detection pipeline design, real-time scoring architecture and model serving latency requirements

Tools you are likely to know at depth

Java/Golang, Postman, Apache Kafka · Confluent · NATS · OpenTelemetry · Datadog · Dynatrace · Grafana · HashiCorp Vault · AWS · Thales HSM · Terraform · PostgreSQL · Oracle · Redis ·