Pepperstone
fintech
SecurityArchitect
Neural analysis suggests this role is
optimal for Senior candidates.
“Security Architect at Pepperstone. Skills: application security architecture, security design, threat modelling. Define and own the security design of Pepperstone applications, APIs, and supporting platforms. Define and own the application security architecture vision, standards, and reference patterns across web, mobile, API, and cloud-hosted application surfaces”
Industry & Context.
What They're Looking For.
Must Have
8+ years of progressive experience in information security, at least 3 years in a security architecture or principal/staff security engineering role, Deep expertise in application security architecture across web, mobile, API, and microservices domains, working knowledge of common vulnerability classes, OWASP Top 10, and application-layer attack patterns, Demonstrated experience designing secure architectures for cloud-native and hybrid environments (AWS, Azure, or GCP), Proficiency in threat modelling methodologies such as STRIDE, PASTA, or MITRE ATT&CK, with the ability to lead sessions with engineering teams, Experience working in or with regulated financial services organisations, Excellent communication able to translate complex security design decisions into clear guidance for engineers and risk-based recommendations for senior leadership, Ability to live the Pepperstone values
Nice to Have
Relevant certifications such as CISSP, CSSLP, OSCP, CCSP, or AWS/Azure Security is a plus, Hands-on background in software engineering or development is strongly advantageous, Fluency in Hungarian language skills are an advantage, Committed to ongoing learning and development
What You'll Do.
Define and own the security design of Pepperstone applications
and supporting platforms
Define and own the application security architecture vision
and reference patterns across web
and cloud-hosted application surfaces
Provide architectural guidance and security assurance on new products
major feature delivery
and significant changes to existing systems
Conduct security architecture reviews and threat modelling for new and existing applications
identifying risks and recommending mitigating controls
Develop and maintain security design patterns
and secure-by-default frameworks that engineering teams can adopt within the SDLC
Lead the evaluation and selection of application security technologies and tooling
ensuring alignment with the team's architectural principles and business needs
Partner with Cloud and Infrastructure teams to ensure application deployment architectures meet security requirements across AWS
and hybrid environments
Collaborate with Risk & Compliance to align application security architecture with regulatory obligations including DORA
Represent the Application Security team in cross-functional architecture forums and technology governance bodies
How You'll Work.
Team & Collaboration
working closely with engineers, product managers, and senior stakeholders; lead sessions with engineering teams; Collaborate with Risk & Compliance; Represent the Application Security team in cross-functional architecture forums and technology governance bodies; Genuinely collaborative and friendly culture
Communication Scope
Excellent communication able to translate complex security design decisions into clear guidance for engineers and risk-based recommendations for senior leadership
Full Job Description
The Pepperstone story started in 2010. We know what it’s like to trade the world’s markets. Our team describes us as a place for the curious and the driven, and we like to do things a little differently; as a transformative global fintech we’re digital, nimble, connected, and united in our vision to create a better way to trade. We thrive on progress – for our clients and for ourselves. Our organisational culture is ever-evolving, vibrant, diverse, global and results focused. You’ll find our **700+** team across **12** regions and **9** time zones. **The Role ** The Security Architect exists to define and own the security design of Pepperstone applications, APIs, and supporting platforms. Sitting within the Application Security team, you will translate the organisation risk appetite into clear, actionable architectural patterns that engineering teams can build to, ensuring security is a foundational consideration rather than an afterthought. You will serve as the senior technical authority on application security architecture, working closely with engineers, product managers, and senior stakeholders to drive secure-by-design principles across the product portfolio. This **position reports to Head of Product Security, Limassol, Cyprus**. Our team is made up of individuals from all walks of life, each bringing unique experiences and perspectives that enrich our work and culture. We truly value this diversity and are excited to welcome someone who is open-minded, adaptable, and enthusiastic about collaborating in a globally connected and inclusive environment. ** What You’ll Be Doing** * Define and own the application security architecture vision, standards, and reference patterns across web, mobile, API, and cloud-hosted application surfaces. * Provide architectural guidance and security assurance on new products, major feature delivery, and significant changes to existing systems. * Conduct security architecture reviews and threat modelling for new and existing appli
Applying for this Security Architect role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about Pepperstone?
Real rants from real employees. Read before you apply.