Security Architect at Apex Group

The Role

• Apex is looking for an experienced Security Architect to join our growing Enterprise Security Architecture team. You’ll play a key role in designing and guiding the implementation of secure technology solutions across the organization. This role contributes directly to building scalable, resilient, and secure systems that support Apex’s business and regulatory commitments.

Key Responsibilities

• Design secure architecture patterns aligned to Apex’s technology roadmap and business goals.
• Act as the security design authority for assigned projects, initiatives, or architectural domains.
• Translate security policies and standards into practical design controls and implementation guidance.
• Evaluate new technologies, products, and platforms for alignment with enterprise security strategy.
• Conduct architecture risk assessments and threat modelling to identify potential exposures.
• Engage with InfoSec, Cloud, infrastructure, application, and data teams to support secure solution design and integration.
• Document and maintain security architecture artefacts including diagrams, control mappings, and design decisions.
• Contribute to the development of security reference architectures and reusable design templates.
• Stay current on emerging threats, vulnerabilities, and technology trends.
• Execute delegated tasks as deemed appropriate by the Group CISO and other empowered Group Cyber leadership authorities, ensuring timely and effective completion in alignment with organizational priorities.
• Support the Group Cyber Strategy end-to-end, driving alignment of all activities, decisions, and deliverables with strategic objectives and business outcomes.

Areas of Specialization

You will focus on one of the following domains, depending on the role fit:

• Security Architect – Cloud & Infrastructure: Focused on secure deployment and integration across hybrid/multi-cloud environments, network security, IaaS/PaaS/SaaS controls, and cloud governance.
• Security Architect – Application Security: Focused on secure software architecture, threat modelling, DevSecOps, API and identity design, and integration with CI/CD toolchains.
• Security Architect – Data, AI & Tokenization: Focused on data classification, privacy-enhancing technologies, encryption/tokenization, AI governance, and secure data pipeline design.
• Security Architecture Advisory Services: Provides strategic and technical guidance across domains to align security architecture with business objectives. Focus areas include enterprise security design, zero trust principles, risk-based decision-making, and integration of security into digital transformation initiatives.

Required Experience & Skills

• 10+ years of overall experience in cybersecurity or infrastructure/application roles, with 5-7 years in architecture, design, or engineering roles involving security.
• Experience architecting secure systems in large or complex enterprise environments.
• Hands-on exposure to one or more of: AWS, Azure, OCI, Kubernetes, IAM, CI/CD, API gateways, SIEM/SOAR, Mail security, EDR, ZTNA technologies or data security technologies or data security technologies.
• Strong understanding of security principles, design patterns, and defence-in-depth strategies.
• Working knowledge of relevant security standards and frameworks (e.g. NIST, ISO 27001, CSA CCM, MITRE ATT&CK, SOC2, OWASP Top10).
• Ability to communicate technical risks and architectural decisions to both technical and non-technical audiences.
• Architectural qualifications (e.g., SABSA, TOGAF, or similar) are key to success in this role.
• Professional certifications are beneficial (e.g. CISSP, CCSP, Azure/AWS Architect) and architectural qualifications are key