Enterprise Security Architect in London

Apex is looking for an experienced Enterprise Security Architect to join our growing Security Architecture team. This role is pivotal in designing and guiding the implementation of secure technology solutions across the organization. You will help build scalable, resilient, and secure systems that support Apex’s business objectives and regulatory commitments.

Key Responsibilities

• Design and maintain secure architecture patterns aligned with Apex’s technology roadmap and business goals.
• Serve as the security design authority for assigned projects, initiatives, or architectural domains.
• Translate security policies and standards into actionable design controls and implementation guidance.
• Evaluate emerging technologies, products, and platforms for alignment with enterprise security strategy.
• Conduct architecture risk assessments and threat modelling to identify potential exposures.
• Collaborate with infrastructure, application, and data teams to ensure secure solution design and integration.
• Document and maintain security architecture artefacts, including diagrams, control mappings, and design decisions.
• Develop security reference architectures and reusable design templates.
• Stay current on emerging threats, vulnerabilities, and technology trends.
• Execute delegated tasks as deemed appropriate by the Group CISO and other empowered Group Cyber leadership authorities, ensuring timely and effective completion in alignment with organizational priorities.
• Support the Group Cyber Strategy end‑to‑end, driving alignment of all activities, decisions, and deliverables with strategic objectives and business outcomes.

Areas of Specialization

Depending on expertise, the role may focus on one or more of the following domains:

• Cloud & Infrastructure Security: Secure deployment and integration across hybrid/multi‑cloud environments, network security, IaaS/PaaS/SaaS controls, and cloud governance.
• Application Security: Secure software architecture, threat modelling, DevSecOps, API and identity design, and CI/CD integration.
• Data, AI & Tokenization: Data classification, privacy‑enhancing technologies, encryption/tokenization, AI governance, and secure data pipeline design.
• Security Architecture Advisory Services: Strategic and technical guidance across domains, aligning security architecture with business objectives. Focus areas include zero‑trust principles, risk‑based decision‑making, and security integration into digital transformation initiatives.

Required Experience & Skills

• Experience: 10+ years of overall experience in cybersecurity or infrastructure/application roles, with 5‑7 years of experience in architecture, design, or engineering roles involving security.
• Proven experience architecting secure systems in large or complex enterprise environments.

• Technical Expertise: Hands‑on exposure to one or more of: AWS, Azure, GCP, Kubernetes, IAM, CI/CD, API gateways, SIEM/SOAR, email security, EDR, ZTNA technologies or data security technologies. Strong understanding of security principles, design patterns, and defense‑in‑depth strategies.

• Knowledge of Standards: Strong knowledge of relevant security standards and frameworks such as NIST, ISO 27001, CSA CCM, MITRE ATT&CK, SOC2 and OWASP.

• Communication Skills: Ability to articulate technical risks and architectural decisions to both technical and non‑technical audiences.

• Certifications: Architectural qualifications (e.g., SABSA, TOGAF) are essential. Professional certifications (e.g., CISSP, CCSP, AWS/Azure Architect, GCP Security) are highly desirable.

Why Join Apex

• Opportunity to work with senior security professionals across multiple global teams.
• Exposure to modern technologies and enterprise‑scale transformation projects.
• Flexible work options and a strong focus on team collaboration and growth.
• Opportunity to shape enterprise security architecture in a global organization.