Job Description

About NRT

NRT is one of the 50 Best Managed Companies, and we're looking for a dynamic candidate who is motivated and passionate about working for a FinTech leader!

NRT provides next-generation commerce and information-enabling experiences for enterprise customers around the world. Our solutions include secure payment systems, specialized financial and marketing kiosks, AML compliance tracking and reporting tools, digital gamification and mobile experiences, intelligent table game platforms, credit/marker information services and electronic marker solutions. We work with hundreds of casinos throughout North and South America, Asia and beyond.



We offer a competitive salary, group benefits (health, vision, dental and life insurances), career advancement opportunities, and an exciting environment. Individual and creative contributions to our company objectives are highly encouraged and recognized. You can read more about us at: www.nrttech.com.

Reporting directly to the Principal Enterprise Architect, the Enterprise Architect will be a key member of IT Operations 24x7 department consisting of NOC, IT Administrators and Enterprise Architect teams and will be helping in delivering the main mandate of the department's 99.99% services uptime. To sustainably achieve this goal, the architect will work very closely with the Senior Manager, IT Operations on setting the road map with other IT departments and stakeholders on helping roadmap execution and with other business departments on various projects and initiatives.

Core Competencies

Analytical Accountability & Adaptability Problem-Solving Communication Teamwork Mentorship Interpersonal Skills

Key Responsibilities

Architecture & Design

o Develop and maintain the enterprise architecture roadmap for ATM production systems, including networking, compute, storage, and security layers.

o Architect PCI DSS-compliant transaction processing environments across multiple, geographically separated data centres.

o Integrate high-availability designs for critical services (e.g., HSM clusters, ATM switch infrastructure, RKL, firewalls, VPNs).

o Ensure architecture supports SOC 2 controls for confidentiality, integrity, and availability.

Security & Compliance

o Define and enforce network segmentation for PCI zones, ATM subnets, and secure enclaves.

o Ensure firewall and VPN designs align with PCI DSS requirement 1 and SOC 2 security principles.

o Maintain architecture documentation to support QSA and SOC auditor evidence requests.

o Collaborate with InfoSec to embed DLP, SIEM, and intrusion prevention into production environments.

Networking & Infrastructure

o Architect and validate low-latency ATM transaction networking

o Oversee configuration of enterprise firewalls for PCI and ATM transaction isolation.

o Design resilient VPN architectures for financial institutions, processors, and internal secure management access.

o Coordinate Windows Server role deployment (AD DS, RDS, SQL Server clusters, SSRS) with high-availability in PCI-compliant zones.

Documentation & Diagramming

o Produce HLD (High-Level Design) and LLD (Low-Level Design) documentation for all critical systems.

o Maintain diagrams for network topology, security zones, and data flows, with PCI scope clearly annotated.

o Document operational runbooks for failover, disaster recovery, and incident response in ATM production contexts.

Governance & Standards

o Establish and maintain architecture standards for firewall rulesets, VPN configurations, OS hardening, and logging.

o Enforce change control discipline for any infrastructure impacting PCI zones.

Collaboration & Mentorship

o Partner with network, security, operations, and development teams to ensure

Qualifications

Extensive experience within Networking and System Admin Deep understanding of PCI DSS 4.0 requirements and SOC 2 Trust Service Criteria. Experience supporting QSA assessments and remediation activities ATM network protocols: ISO 8583, Triton, and encryption key management workflows (DUKPT, RKL). Advanced networking: BGP, OSPF, VLAN segmentation, VRRP/HSRP, redundant WAN/MPLS design. Server platforms: Windows Server (AD, RDS, SQL Server HA), Linux (security-hardened builds). Experience with multi-data centre deployments in regulated financial environments. Knowledge of cloud integrations in hybrid ATM production systems (Azure/AWS, PCI-scoped workloads).

Certifications Preferred

* Certifications: CISSP, CISM, TOGAF, PCI-P, CCNP Security, Microsoft Certified: Azure Solutions Architect Expert