A leading financial institution is seeking a Principal Security Architect to own and drive the global product strategy for secrets management and API security. This is a senior individual contributor role designed for a practitioner who combines deep technical expertise with the strategic vision to shape how secrets management capabilities are architected, governed, and scaled across a complex, distributed enterprise environment.
What You'll Do
- Define and own the global product strategy and technical roadmap for secrets management, covering credential lifecycle management, vault architecture, and API security controls
- Serve as the internal subject matter authority on secrets management platforms and API security tooling, providing architectural guidance across engineering, infrastructure, and security teams
- Evaluate, select, and drive adoption of secrets management solutions — assessing tooling against enterprise requirements including scalability, integration complexity, and regulatory alignment
- Establish standards, patterns, and guardrails for secure API design, authentication frameworks (OAuth, mTLS, API gateway controls), and non-human identity management
- Translate business and regulatory requirements into actionable security architecture decisions, ensuring alignment with financial services compliance expectations
- Engage with product vendors and platform teams to influence roadmap direction and integration priorities
- Identify gaps in current secrets hygiene posture and design remediation programmes at scale
- Mentor and provide technical direction to engineering and security peers without formal management responsibility
What You Bring
- 12+ years of experience in cybersecurity, with a strong foundation in security engineering, architecture, or presales engineering roles
- Deep hands-on expertise in secrets management platforms (e.g. HashiCorp Vault, CyberArk, AWS Secrets Manager, or equivalents)
- Strong command of API security principles — including API gateway architecture, OAuth 2.0, OpenID Connect, mTLS, and token lifecycle management
- Demonstrated ability to drive security strategy and product direction in a large, geographically distributed organisation
- Familiarity with financial services regulatory and compliance landscapes is advantageous
- Effective communicator able to engage both technical stakeholders and senior leadership with clarity and confidence
This role is based in Kuala Lumpur and sits within a global security function. Candidates currently in end-user security roles or vendor/presales environments are equally encouraged to apply.
