Role Title: API Security Architect

Location: Knutsford/ Hybrid

Duration: 30/11/202

Role Description:

"We are looking for an API Security Architect to define, design, and oversee the implementation of enterprise-grade API security architecture. The role ensures APIs are built securely, follow best-practice standards, and align with organisational security and compliance requirements.

Key Responsibilities

• Design end-to-end API security architecture across cloud and on-premise environments.
• Define API security standards covering authentication, authorization, encryption, and threat protection.
• Lead architectural reviews, threat modelling, and risk assessments for API integrations.
• Select, architect, and optimize API gateways, WAFs, and security controls.
• Develop reference architectures and reusable security patterns for engineering teams.
• Provide security governance for API development, lifecycle management, and CI/CD practices.
• Partner with engineering, product, and security operations to embed secure-by-design principles.
• Oversee remediation strategies for API vulnerabilities and guide architecture improvements.

Required Skills & Experience

• Proven experience in API security architecture within large-scale environments.
• Expertise in API gateways (Apigee, Azure API Management, Kong, Mulesoft).
• Strong knowledge of OAuth2.0, OIDC, JWT, mTLS, TLS, and Zero Trust principles.
• Deep understanding of OWASP API Security Top 10 and secure design patterns.
• Experience designing security controls in cloud (Azure, AWS, or GCP).
• Ability to create architectural artefacts (HLDs, LLDs, security patterns).

Nice to Have

• Certifications: CISSP, CCSP, GIAC, SABSA.
• Experience with DevSecOps, container security, and microservices architecture.
• Knowledge of SIEM, API analytics, and threat intelligence.