Alexander Ash are looking for a Lead Security Architect to own and drive security across a complex omnichannel ecosystem — spanning e-commerce, mobile, in-store, APIs, and enterprise integrations.
This is a high-impact role at the heart of digital transformation, ensuring security-by-design is embedded across every customer and data touchpoint.
What you'll be doing:
- Define and lead end-to-end security architecture across OMS, WMS, CRM, POS, APIs, and digital platforms
- Embed security-by-design across all digital commerce programmes
- Own API and integration security (REST, GraphQL, event-driven, microservices)
- Lead design authority reviews and set security standards, patterns, and guardrails
- Drive Zero Trust architecture across omnichannel environments
- Secure authentication frameworks (OAuth 2.0, OIDC, SAML, JWT)
- Oversee MuleSoft (or similar) integration security and API governance
- Embed AppSec practices (OWASP, SAST/DAST, threat modelling) into SDLC
- Partner with engineering, product, and operations teams to deliver secure platforms
- Ensure monitoring, logging, and integration with SOC/SIEM capabilities
- Lead third-party and SaaS security evaluations
What we're looking for:
- 10+ years in Information Security, with strong focus on Security Architecture
- Proven experience in omnichannel or digital commerce environments
- Deep expertise in API security and enterprise integrations (MuleSoft or similar)
- Strong knowledge of cloud security (AWS, Azure, or GCP)
- Experience with microservices, containers (Docker/Kubernetes)
- Hands-on experience with AppSec, OWASP Top 10, secure SDLC practices
- Understanding of PCI DSS, ISO 27001, NIST CSF
- Experience in retail / luxury / consumer sectors is a plus
This is a contract role based out of Dubai. If interested in the role, please reach out to [Confidential Information]
