Job Description
The Pepperstone story started in 2010. We know what it’s like to trade the world’s markets. Our team describes us as a place for the curious and the driven, and we like to do things a little differently; as a transformative global fintech we’re digital, nimble, connected, and united in our vision to create a better way to trade. We thrive on progress – for our clients and for ourselves. Our organisational culture is ever-evolving, vibrant, diverse, global and results focused. You’ll find our 550+ team currently across 11 locations and 9 time zones.
The Role The Security Architect exists to define and own the security design of Pepperstone applications, APIs, and supporting platforms. Sitting within the Application Security team, you will translate the organisation risk appetite into clear, actionable architectural patterns that engineering teams can build to, ensuring security is a foundational consideration rather than an afterthought. You will serve as the senior technical authority on application security architecture, working closely with engineers, product managers, and senior stakeholders to drive secure-by-design principles across the product portfolio.
This position reports to Head of Product Security, Limassol, Cyprus. Our team is made up of individuals from all walks of life, each bringing unique experiences and perspectives that enrich our work and culture. We truly value this diversity and are excited to welcome someone who is open-minded, adaptable, and enthusiastic about collaborating in a globally connected and inclusive environment.
What You’ll Be Doing
- Define and own the application security architecture vision, standards, and reference patterns across web, mobile, API, and cloud-hosted application surfaces.
- Provide architectural guidance and security assurance on new products, major feature delivery, and significant changes to existing systems.
- Conduct security architecture reviews and threat modelling for new and existing applications, identifying risks and recommending mitigating controls.
- Develop and maintain security design patterns, guardrails, and secure-by-default frameworks that engineering teams can adopt within the SDLC.
- Lead the evaluation and selection of application security technologies and tooling, ensuring alignment with the team’s architectural principles and business needs.
- Partner with Cloud and Infrastructure teams to ensure application deployment architectures meet security requirements across AWS, Azure, and hybrid environments.
- Collaborate with Risk & Compliance to align application security architecture with regulatory obligations including DORA, PCI DSS, ISO and SOC.
- Represent the Application Security team in cross-functional architecture forums and technology governance bodies.
About You
- 8+ years of progressive experience in information security, with at least 3 years in a security architecture or principal/staff security engineering role.
- Deep expertise in application security architecture across web, mobile, API, and microservices domains.
- Strong working knowledge of common vulnerability classes, OWASP Top 10, and application-layer attack patterns.
- Demonstrated experience designing secure architectures for cloud-native and hybrid environments (AWS, Azure, or GCP).
- Proficiency in threat modelling methodologies such as STRIDE, PASTA, or MITRE ATT&CK, with the ability to lead sessions with engineering teams.
- Experience working in or with regulated financial services organisations and familiarity with frameworks such as DORA, PCI-DSS, ISO and SOC.
- Excellent communication skills; able to translate complex security design decisions into clear guidance for engineers and risk-based recommendations for senior leadership.
- Relevant certifications such as CISSP, CSSLP, OSCP, CCSP, or AWS/Azure Security is a plus
- Hands-on background in software engineering or development is strongly advantageous.
- Fluency in English; Hungarian language skills are an advantage.
- Ability to live the Pepperstone values
- Committed to ongoing learning and development
Why you will enjoy working with us
- Competitive salary structure including company bonus scheme
- Genuinely collaborative and friendly culture
- Flexible and hybrid working
- Remote working option - work from anywhere for up to 6 weeks per year
- Ongoing personal development & learning opportunities
- 3 paid volunteering days per year & Workplace Giving Program
- Periodic recognition and reward programs for outstanding performance and achievements
- Frequent events and celebrations
- Comprehensive medical insurance with coverage for your healthcare needs
- Pension fund
- Employee Assistance Program & Wellbeing Initiatives
- Convenient and cozy office located near Astoria at KLUSTER Coworking
More about Pepperstone We’re a regulated online Forex and CFD trading platform. With the scale of a global fintech and the agility of a start-up, we arm our clients with everything they need to take on the global markets with confidence. You will be part of a wider passionate and friendly team, and whilst things may not always go to plan, we learn quickly and move forward with impact. To learn even more visit and
We understand it’s important to do due diligence on a prospective employer and see what our team is saying on . We respect our team members’ experiences and will never pay to remove a negative review.
Pepperstone is an equal-opportunity employer. We are passionate about building a diverse workplace and strongly encourage applications from any background.
“We are a 2025 Circle Back Initiative Employer – we respond to every applicant”.
We will be reviewing applications as they come through, so if this is an opportunity that excites you, don’t wait. Express your interest by clicking the apply button below as soon as possible.
Note to external agencies: While we appreciate the efforts of external recruitment agencies, we prefer to engage directly with applicants for this opportunity.
