Head of Enterprise Architecture – Security (FSI)

Role Overview

We are seeking a dynamic and forward-thinking Head of Enterprise Architecture – Security to lead the security architecture function across a large‑scale, high‑growth banking environment. This role is ideal for a leader who has grown from a deep engineering or enterprise architecture background into security—someone who can bridge application development, modern architectures, and security-by-design at scale.

The ideal candidate excels in secure application architecture, API security, and cloud-native environments, and can guide the bank’s digital transformation securely while engaging confidently with C‑suite and senior business stakeholders

Key Responsibilities

Enterprise Security Architecture Leadership

• Define and own the enterprise security architecture strategy, standards, and blueprints across the bank’s technology landscape.
• Build scalable and secure architectures for core banking systems, customer platforms, and internal applications.
• Ensure security-by-design principles are embedded into engineering, cloud adoption, and digital initiatives.

Application & API Security

• Lead architecture design for secure applications, microservices, and high-volume APIs.
• Establish guardrails for API gateway configurations, identity federation, tokenization, and secure integration patterns.
• Conduct architectural reviews for critical customer-facing and regulatory-impact services.

Technology Innovation & Future Architecture

• Drive innovation in security—exploring modern approaches such as zero trust, confidential computing, secure AI patterns, and DevSecOps automation.
• Evaluate emerging technologies and provide guidance on adoption, risks, and architectural fit.
• Lead PoCs and pilot initiatives to improve resilience, scalability, and developer productivity.

Stakeholder Engagement & Governance

• Partner with senior stakeholders across Technology, Cybersecurity, Risk, and Business Units to align enterprise architecture with business outcomes.
• Present architectural recommendations and risk trade-offs to the architecture review board and executive committees.
• Provide leadership and coaching to architects and engineering teams.

Required Qualifications & Experience

• 12–18+ years in technology with strong grounding in engineering or enterprise architecture.
• Deep expertise in application security, API security, identity & access, and cloud-native architectures (AWS/Azure/GCP).
• Experience in large-scale banking or FSI environments, with complex regulatory and threat landscapes.
• Strong understanding of microservices, event-driven architectures, container security (K8s), and DevSecOps toolchains.
• Proven ability to design scalable architecture for high-volume, mission-critical systems.
• Excellent communication and influencing skills, including presenting to senior executives and regulators.

Argyll Scott Singapore Pte Ltd
EA License No. 16S8105
Koh Ching Wen (Xu Jingwen)
EA Reg No: R1108631