API Security Architect

United Kingdom, Cheshire · Job Posted February 21, 2026

Job Description

We are looking for an API Security Architect to define, design, and oversee the implementation of enterprise grade API security architecture. The role ensures APIs are built securely, follow best practice standards, and align with organisational security and compliance requirements.

Job Responsibility

  • Design end to end API security architecture across cloud and on premise environments
  • Define API security standards covering authentication, authorization, encryption, and threat protection
  • Lead architectural reviews, threat modelling, and risk assessments for API integrations
  • Select, architect, and optimize API gateways, WAFs, and security controls
  • Develop reference architectures and reusable security patterns for engineering teams
  • Provide security governance for API development, lifecycle management, and CI/CD practices
  • Partner with engineering, product, and security operations to embed secure-by-design principles
  • Oversee remediation strategies for API vulnerabilities and guide architecture improvements

Requirements

  • Proven experience in API security architecture within large-scale environments
  • Expertise in API gateways (Apigee, Azure API Management, Kong, Mulesoft)
  • Strong knowledge of OAuth2.0, OIDC, JWT, mTLS, TLS, and Zero Trust principles
  • Deep understanding of OWASP API Security Top 10 and secure design patterns
  • Experience designing security controls in cloud (Azure, AWS, or GCP)
  • Ability to create architectural artefacts (HLDs, LLDs, security patterns)

Nice to have

  • Certifications: CISSP, CCSP, GIAC, SABSA
  • Experience with DevSecOps, container security, and microservices architecture
  • Knowledge of SIEM, API analytics, and threat intelligence


Similar Jobs for API Security Architect

8 matching positions

IT & Security Solution Architect – Security Focus

High Visibility Build Role Join an impactful, high-performing architecture team ...
Location: United States, Moline
Salary: 125000.00 - 160000.00 USD / Year
Company: Robert Half
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree / equivalent experience in IT, engineering, cybersecurity or related field
  • 3-5 years’ experience in tech + security architecture/design, with a focus on infrastructure or security domains
  • Hands-on experience in cloud native, DevOps, and secure integration patterns
  • Security certifications (like CISSP, CCSP, CISM)
  • Experience across technology and security, especially integrating solution & securing cloud-native environments
  • A background in infrastructure or networking is valued
  • Financial services experience preferred
  • Proficiency with threat modeling, Visio diagrams, secure SDLC (Agile, DevOps), and authentication/data transfer
  • Strong communication with a transparent approach
Job Responsibility
  • Build secure, scalable architectures for cloud, apps, & infrastructure – working hands-on with modern tools like Azure, Google Cloud, microservices, APIs and service bus
  • Turn business needs into actionable designs to drive secure integrations & risk mitigation
  • Lead road mapping, solution design, threat modelling, documentation – making sure security is woven in
  • Act as a bridge between technical, security, and non-technical stakeholders, translating cybersecurity concepts and controls
  • Help shape standards, governance & best practices, collaborating on upgrade & integration of hybrid (cloud/on-prem) systems
  • Preferably Azure Cloud
What we offer
  • bonus
  • excellent benefits
  • medical, vision, dental, and life and disability insurance
  • 401(k) plan
  • Fulltime

Lead Application Security Architect

The Application Security Architect is a senior, influential role responsible for...
Location: United Kingdom; Sweden; Poland, London; Stockholm; Łódź
Salary: Not provided
Company: Arrive
Expiration Date: Until further notice
Requirements
  • 10+ years of experience in technology, with at least 7 years in a dedicated application security or product security role
  • Demonstrated experience designing and implementing a Secure SDLC in a cloud-native environment (GCP, AWS)
  • Hands-on experience with the architecture and strategy of AppSec tools (e.g., Snyk, Checkmarx, Veracode)
  • Experience with securing microservices architectures, APIs, and modern web/mobile applications
  • Experience with securing AI/ML systems
  • A Bachelor’s degree in a relevant field or equivalent professional experience
Job Responsibility
  • Champion and orchestrate the definition of Arrive’s global Secure Software Development Lifecycle (SSDLC), from threat modeling to secure release, in close partnership with key stakeholders across Engineering and IT
  • Develop and maintain a comprehensive set of global security standards, baselines, and guidelines for secure coding, vulnerability management, and secure architecture
  • Create and champion the strategy for our application security tooling, including SAST, DAST, IAST, and Software Composition Analysis (SCA)
  • Define and manage the application security standards for Mergers & Acquisitions, establishing clear requirements and guiding the architectural integration of acquired technologies
  • Act as a lead security consultant and strategic partner for product and engineering teams, providing expert guidance on secure design patterns and vulnerability remediation
  • Forge a dynamic partnership with the Platform Security team: co-design the security tooling roadmap, consume their platforms where they meet global standards, and introduce new architectural patterns where needed
  • Lead security architecture reviews and threat modeling sessions for new applications and high-risk features
  • Act as a senior mentor and advocate for security engineers and champions across the organization, helping to grow our security talent
  • Stay at the forefront of emerging application security threats, with a particular focus on the risks associated with AI/ML systems
  • Collaborate with Data & AI teams to develop security principles and architectural patterns for securely integrating AI into our products
  • Fulltime

Application Security Architect

The NTT DATA Services Security Analysis Strategic Advisor Security Architect ser...
Location: United States, Boston
Salary: 116000.00 - 190000.00 USD / Year
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • 10 years of comprehensive full stack development experience, with proficiency in technologies such as J2EE, C# .NET, JavaScript, and Python.
  • 5 years serving as a senior application security architect, with a strong emphasis on promoting application security standards and practices.
  • Demonstrated expertise in designing, architecting, and building secure enterprise web applications.
  • Skilled in developing scalable applications on cloud platforms, including AWS and/or Azure, with a focus on security principles and deployment best practices.
  • Highly experienced in conducting security peer reviews across application design, testing, and code.
  • Working experience with integrating applications into security technologies such as WAF, API gateways, privileged access management platforms, identity access management platforms, LDAP and identity access governance systems
Job Responsibility
  • Collaborate with the client in the definition and implementation of information security policies, strategies, procedures and settings to ensure confidentiality, integrity and availability of client’s environment and data
  • Participate with the customer in the strategic design process to translate security and business requirements into processes and systems
  • Evaluate new / emerging security products and technologies and make recommendations to customer leadership with regard to the security posture impact on the organization
  • Maintain an information security strategy (forward-looking roadmap) for your customer, aligning services / portfolio components to the strategy
  • Ensure the delivery of information security services to the customer is in compliance with the contract and any applicable standards and regulatory requirements (e.g., PCI, SOX)
  • Identify, review and recommend information security improvements as they relate to the achievement of the customer’s business goals and objectives
  • Participate in internal and external audits for the customer (e.g., PCI, SOX) and coordinate information security services activities
  • Manage and drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
  • Identify information security weaknesses and/or gaps in the customer’s current operations and work with the customer to bring information security operations up to standards
What we offer
  • medical, dental, and vision insurance with an employer contribution
  • flexible spending or health savings account
  • life and AD&D insurance
  • short and long term disability coverage
  • paid time off
  • employee assistance
  • participation in a 401k program with company match
  • additional voluntary or legally-required benefits

Information Security Architect - Telephony / IoT / Cloud / Apps / AI

We have a 6-month contract to hire position open for a Security Architect role. ...
Location: United States, Roseville
Salary: Not provided
Company: Zeektek
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or related field
  • Master's preferred
  • 7+ years of progressive experience in Information Security Architecture & Operations roles
  • Certifications: CISSP, CCSP, SABSA, CISM, TOGAF, AI Security Specialist
  • Deep understanding of network, cloud, and application security across telecom, IT, and IoT ecosystems
  • Experience designing and securing AI/ML platforms including governance of LLMs and agentic AI tools
  • Proven experience with regulatory frameworks (FCC, HIPAA, NIST, ISO 27001)
  • Hands-on experience with cloud-native security (AWS, Azure, GCP) and DevSecOps tooling
  • Experience with endpoint detection and response (EDR) platforms, ideally Crowdstrike
  • Hands-on expertise with vulnerability management and SIEM platforms, including Rapid7
Job Responsibility
  • Develop and maintain the enterprise security architecture framework covering IT, telecom, mobile, and IoT platforms
  • Lead & partake in enterprise-wide cybersecurity initiatives, aligning with industry frameworks (NIST, ISO, CIS)
  • Define zero-trust architecture patterns for multi-cloud (AWS, MS Azure) and hybrid environments
  • Evaluate and recommend new security technologies and processes to address evolving threats
  • Define and ensure clear direction for configuration, monitoring, and hardening of Cisco security infrastructure including firewalls, VPNs, and intrusion prevention systems
  • Define and oversee policies & guidelines for vulnerability management programs, and leveraging tools such as Rapid7
  • Ensure security-by-design principles are embedded in all technology initiatives, including product development and infrastructure modernization
  • Partner with Enterprise Architecture and Tech Ops teams to align security blueprints with overall technical standards and business capabilities
  • Define AI/ML and Agentic AI security guardrails, including model access, prompt sanitization, model drift monitoring, and data provenance controls
  • Develop governance policies for secure use of AI APIs, LLMs, and autonomous agent frameworks
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program

Security Architect

Location: Portugal, Matosinhos Municipality; Lisbon
Salary: Not provided
Company: TUI
Expiration Date: June 17, 2026
Requirements
  • You have a demonstrable track record of delivering Zero Trust control implementation - not just designing it - across enterprise environments, with practical understanding of the CISA Zero Trust Maturity Model across all five pillars and the ability to assess current state against Traditional, Initial, Advanced, and Optimal maturity stages
  • Evidence of driving security control implementation through delivery teams in large, complex organisations is essential, as you distinguish between controls that have been deployed and verified versus those that have only been documented or recommended, actively rejecting activity-based metrics in favour of outcome-based measurement
  • Hands-on experience with Microsoft Security Exposure Management, Microsoft Secure Score, Maester, and the Microsoft Defender suite enables you to extract control status data, interpret attack path exposure metrics, and use tooling output to drive delivery prioritisation and evidence compilation
  • Your proficiency with Entra ID, Intune, Defender for Endpoint, and Defender for Office 365 as control implementation platforms means you can provide technical depth across Identity, Devices, Networks, Applications, and Data pillar-specific control areas
  • You're able to identify and challenge shared ownership arrangements that prevent control implementation, assigning single accountable owners to controls and holding them to delivery commitments, understanding that a control without a named, funded owner is an unmanaged risk
  • Experience working within an OKR framework where key results are tied to measurable security outcomes is important, as you understand that programme maturity is measured by controls implemented and attack surface reduced - not by documents produced or workshops delivered
  • Operating within or alongside a formal security architecture governance function comes naturally to you, as you contribute to quarterly reporting cadences and multi-team delivery coordination across complex enterprise environments
  • You're highly autonomous and able to identify what needs to happen next without being directed, taking ownership of blockers and working comfortably across organisational boundaries to challenge delivery teams when progress is below expectation
  • Being comfortable with ambiguity in an actively evolving programme is essential, as you adjust your approach based on what measurement data shows and stay motivated by reducing actual risk rather than achieving compliance posture
Job Responsibility
  • Drive control implementation across all five CISA Zero Trust pillars - Identity, Devices, Networks, Applications and Workloads, and Data - translating pillar OKR commitments into specific, sequenced control deployments with defined owners, timelines, and measurable success criteria
  • Own the measurement framework for Zero Trust maturity progression, using Microsoft Security Exposure Management, Maester security assessments, and Microsoft Secure Score to track control status changes, maintain time-series data, and escalate stalled controls before they impact quarterly OKR targets
  • Work directly with pillar owners - Identity, Devices, Network, Applications, and Data leads - to convert high-priority workshop outputs into active delivery backlogs, challenging shared ownership arrangements and ensuring each control has a single named owner with budget authority
  • Provide technical depth across pillar-specific control areas including Conditional Access policy design, Entra ID Governance, PIM, phishing-resistant MFA deployment, trusted device strategy, Intune policy enforcement, network segmentation, secure remote access patterns, application ownership models, Entra SSO integration, API security governance, and data loss prevention aligned to the Secure Future Initiative
  • Triage Microsoft Secure Score recommendations against pillar OKR priorities, assign each recommendation to the correct pillar owner with delivery timelines, track closure rates, and separate high-impact risk-reducing controls from low-value compliance activities
  • Generate evidence of risk reduction for board reporting and cyber insurance renewal, presenting Zero Trust progress in terms of attack surface change and business impact rather than framework terminology
What we offer
  • Attractive remuneration
  • Exclusive travel perks & discounts
  • Extensive health & wellbeing support
  • Flexible working
  • Access the TUI Tech Learning Hub
  • Opportunities to upskill, reskill and grow your career
  • Participate in our tech communities and collaborate on global projects and teams
  • Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community
  • Fulltime

Distinguished Architect - Security

We're building a world of health around every individual — shaping a more connec...
Location: United States
Salary: 175100.00 - 334750.00 USD / Year
Company: CVS Health
Expiration Date: June 29, 2026
Requirements
  • 15+ years of relevant work experience (10+ years in technical security leadership roles)
  • 10+ years of experience building or securing large-scale business applications using modern technologies and architectural patterns
  • 10+ years of experience designing secure integrations with a focus on performance, resilience, and loose coupling using APIs, microservices, and event-driven architecture
  • Evidence of significant contributions in previous roles and/or to the broader industry
  • Expert-level understanding of security architectural methodologies/best practices, regulatory and compliance requirements, and risk frameworks that influence architecture decisions
  • Recognized technical leader with full stack technology knowledge and recognized as an expert in multiple security domains such as: Identity & access management (IAM), network security, cloud security (AWS/Azure/GCP), data protection, zero trust, or security operations
  • Experience recognizing the impact security architecture decisions can have on strategic business decisions
  • Substantial experience with requirements analysis, risk assessment, estimation, and secure application design
  • Expert understanding of architectural governance, security design patterns, AI safety controls, secure development standards, and best practices
  • A diverse technical background with key areas of depth around AI/ML/Agentic AI security, cloud security, data platform security, hybrid solutions and operating securely at scale
Job Responsibility
  • Be part of a team responsible for enabling secure technology solutions that meet our business strategy and drive business value
  • Define and collaborate on the creation of security roadmaps, security reference architectures, standards, best practice documents, and secure-by-design reference implementations that accelerate delivery while ensuring safety and compliance
  • Evaluate market trends in cybersecurity, execute buy vs. build decisions and assess cost and the risk impact on targeted business outcomes
  • Define future state security architecture that supports secure adoption of Artificial Intelligence, APIs, data stores, cloud infrastructures, cloud services, and microservices
  • Collaborate and consult with technology, cybersecurity, and business partners to optimize business applications and systems that adopt modern and secure architectures, especially around AI
  • Develop and maintain a strategic vision for the secure use of AI technologies, aligned to the CVS Health platform based on key business drivers, regulatory requirements, and emerging threat trends
  • Define and collaborate on the creation of security frameworks for the enterprise that promote reuse, reduce cost, manage risk, and increase speed to market
  • Effectively build and maintain strong relationships with technology, cybersecurity, and business partners to establish trust and influence key security decisions
  • Provide guidance, direction and mentorship to engineers and other stakeholders regarding security architecture and secure design of enterprise applications
  • Ensure all Non-Functional Security Requirements (e.g., authentication, authorization, resilience, encryption, auditability, availability, etc.) are properly articulated, and work with all parties to guarantee that delivered software products meet these objectives
What we offer
  • medical, dental, and vision coverage
  • paid time off
  • retirement savings options
  • wellness programs
  • bonus, commission or short-term incentive program
  • equity award program
  • Fulltime

Api Architect

We are currently seeking an API Architect (Onsite Hybrid) to join our team in Atl...
Location: United States, Atlanta
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum 8+ years of experience in software engineering, API development, and distributed systems
  • Minimum 5+ years of experience in API design and development (RESTful APIs, microservices architecture)
  • Minimum 3+ years of experience working with cloud platforms (preferably AWS: API Gateway, Lambda, ECS/EKS, SQS/SNS, etc.)
  • Minimum 3+ years of strong experience in designing and building scalable, highly available distributed systems
  • Minimum 3+ years of hands-on experience with API management, versioning, security (OAuth2, JWT), and governance
  • Minimum 3+ years of experience with Agile SDLC, backlog management, and working with product owners
  • Bachelor's degree in Computer Science, Information Technology, or equivalent work experience
Job Responsibility
  • Design, implement, and deploy API solutions across cloud-native environments, with a focus on AWS and distributed systems
  • Lead the development and delivery of API and microservices-based solutions, including hands-on coding and technical leadership
  • Collaborate with business leaders, product owners, and cross-functional teams to translate business requirements into scalable API architectures
  • Define and enforce API design standards, guidelines, and best practices across the organization
  • Create architecture designs and technical deliverables aligned with enterprise strategy and infrastructure standards
  • Manage and prioritize API and product feature backlogs in an Agile environment
  • Develop and maintain public and private APIs supporting multiple lines of business
  • Ensure high availability, scalability, and performance of API platforms and distributed systems
  • Work closely with QA/testing teams to ensure software quality and resolve defects
  • Provide application support including troubleshooting, root cause analysis, and on-call support
  • Fulltime

Senior Information Security Architect - Cloud IAM

We are seeking a highly skilled Senior IAM Security Architect to join our inform...
Location: United States
Salary: 148600.00 - 198200.00 USD / Year
Company: First American Financial
Expiration Date: Until further notice
Requirements
  • 7+ years of experience in IAM security, including at least 5 years of experience in IAM risk assessment, threat modeling, and security control design
  • Preferred Certified Information Systems Security Professional (CISSP) or Certified Identity and Access Manager (CIAM) or other relevant IAM/security certification
  • Proven expertise in implementing and securing IAM solutions in cloud environments such as AWS, Azure, and Entra ID
  • In-depth knowledge of IAM security best practices, identity governance, and access management policies
  • Hands-on experience in conducting security risk assessments and threat modeling for IAM systems
  • Demonstrated experience in establishing least privilege access and implementing Just-in-Time (JIT) access controls across cloud and on-premises environments
  • Expertise in implementing and managing a Zero Trust security posture for IAM, with hands-on experience in identity validation, continuous authentication, and risk-based access controls
  • Strong expertise with IAM platforms such as Microsoft Entra ID (Azure AD), AWS IAM, Azure Active Directory
  • Experience with cloud security, integrating IAM systems with AWS, Azure, and hybrid environments
  • Strong understanding of IAM security controls, including role-based access control (RBAC), attribute-based access control (ABAC), policy enforcement, and Just-in-Time (JIT) provisioning
Job Responsibility
  • Participate in the design of secure IAM architectures across multiple platforms (AWS, Azure, Entra ID), ensuring all components align with best practices and organizational security requirements
  • Design security controls for IAM, including user authentication, authorization, role management, identity federation, and privilege management across cloud and hybrid environments
  • Lead the design and evolution of CIAM architecture that supports secure, scalable, and customer-centric identity services across web, mobile, and API-based platforms
  • Establish and maintain a Zero Trust security model for IAM, ensuring that all access requests are continuously verified, regardless of location or network
  • Integrate Zero Trust principles with cloud-native security tools and IAM platforms (e.g., AWS, Azure, Entra ID) to ensure seamless, secure, and dynamic access control
  • Automate risk-based access controls and adaptive authentication based on behavioral signals, ensuring a dynamic response to security events
  • Establish and enforce least privilege access principles for all roles across cloud and on-prem environments, ensuring users only have the minimal access necessary to perform their job functions
  • Design and implement Just-in-Time (JIT) access control mechanisms to dynamically grant access based on user needs, significantly reducing standing permission sets
  • Design SSO solutions that provide seamless and secure access to enterprise applications, ensuring a frictionless user experience while maintaining high security standards
  • Lead the adoption of modern authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML) for secure, scalable, and standardized access management across applications and systems
What we offer
  • medical
  • dental
  • vision
  • 401k
  • PTO/paid sick leave
  • employee stock purchase plan
  • Fulltime