Salary: £40,000 - 70,000 per year Requirements: Proven experience in API security architecture within large-scale environments Expertise in API gateways (Apigee, Azure API Management, Kong, Mulesoft) Strong knowledge of OAuth2.0, OIDC, JWT, mTLS, TLS, and Zero Trust principles Deep understanding of OWASP API Security Top 10 and secure design patterns Experience designing security controls in cloud (Azure, AWS, or GCP) Ability to create architectural artefacts (HLDs, LLDs, security patterns) Responsibilities: Design end to end API security architecture across cloud and on premise environments Define API security standards covering authentication, authorization, encryption, and threat protection Lead architectural reviews, threat modelling, and risk assessments for API integrations Select, architect, and optimize API gateways, WAFs, and security controls Develop reference architectures and reusable security patterns for engineering teams Provide security governance for API development, lifecycle management, and CI/CD practices Partner with engineering, product, and security operations to embed secure-by-design principles Oversee remediation strategies for API vulnerabilities and guide architecture improvements Technologies: API Apigee AWS Architect Azure CI/CD Cloud GCP JWT MuleSoft OWASP Security DevSecOps microservices More: We are looking for an API Security Architect to define, design, and oversee the implementation of enterprise-grade API security architecture in Knutsford with a hybrid work model (2-3 days in the office). This is a 9-month contract offering a daily rate of £712 inside IR35. In this role, we ensure that APIs are built securely, follow best practice standards, and align with organisational security and compliance requirements. last updated 8 week of 2026