
Sr. Principal - Cyber Security Architect

Nium
Full-time
On-site
Chennai

Nium is the global infrastructure company powering real-time cross-border payments. Founded to deliver the payments infrastructure of tomorrow, today, we are building a programmable, borderless, and compliant money-movement layer that powers transactions between people, businesses, and intelligent systems — enabling banks, fintechs, payroll providers, travel platforms, marketplaces, and other global enterprises to move money instantly, anywhere in the world. 


Co-headquartered in San Francisco and Singapore, with offices in 14 markets and team members across 20+ countries, we take pride in a culture anchored in Keeping It Simple, Making It Better, and Winning Together. 2025 was the strongest year in our 10-year history, with record revenue, record transaction volumes, and EBITDA profitability — and we are now entering one of the most dynamic chapters in our journey. We believe the best work happens face-to-face, and we operate a hybrid model with three in-office days per week to strengthen collaboration, alignment, and innovation. 


We move over $50B annually across a network that spans 190+ countries, 100 currencies, and 100 real-time corridors. We power fast payouts to accounts, wallets, and cards; enable local collections in 35 markets; and support card issuance in 34 countries — all backed by licenses across 40+ markets. 


With over $300M raised to date, Nium offers ambitious builders the opportunity to shape the future of global money movement — at scale. 


About the Role


As the Sr. Principal - Cyber Security Architect, you will be responsible for defining, governing, and evolving the application security architecture across the organization’s technology landscape. This role provides strategic and hands-on leadership to ensure that applications—built on modern microservices architectures and deployed in AWS—are secure by design, resilient to threats, and aligned with business growth, regulatory expectations, and partner integration needs.


The role acts as a trusted advisor to engineering, product, platform, and integration teams, embedding security into application design decisions, authentication models, and client/partner integrations from concept through production.



Key Responsibilities
Application & Architecture Security
  • Review and approve security architecture for applications built on microservices architectures, including service-to-service communication, API gateways, event-driven components, and shared platform services deployed in AWS.
  • Assess security risks in new application functionalities, major architectural changes, and technology introductions, ensuring security is embedded early in the SDLC.
  • Define and enforce secure-by-design principles across application development teams.
Identity, Authentication & Authorization
  • Review and guide application authentication and authorization designs, including OAuth 2.0, OpenID Connect, token-based authentication, and identity federation models.
  • Ensure consistent, scalable, and secure identity patterns for internal services, external clients, and partner integrations.
  • Provide architectural oversight on secrets management, token lifecycles, and access control models.
Client & Partner Integrations
  • Develop and maintain security architecture patterns for client-facing and partner integrations, including APIs, webhooks, and third-party service connections.
  • Review integration security controls such as authentication, authorization, encryption, rate limiting, data minimization, and abuse prevention.
  • Ensure integration designs balance strong security with performance and developer experience.
Threat Modeling & Risk Assessment
  • Lead and perform threat modeling for all critical applications and systems, identifying attack vectors, trust boundaries, and security control gaps.
  • Translate threat modeling outcomes into actionable security requirements, architectural changes, and engineering guidance.
  • Maintain risk-based prioritization of remediation efforts aligned with business criticality.
Security Patterns & Governance
  • Define reusable application security architecture patterns, reference designs, and guardrails to be adopted across teams.
  • Provide security design reviews and architectural sign-off for high-risk or business-critical systems.
  • Partner with engineering leadership to embed security patterns into platform services and shared tooling.
Collaboration & Leadership
  • Act as a senior security partner to Engineering, Product, Platform, and Cloud teams.
  • Mentor application security engineers and influence secure engineering practices at scale.
  • Represent application security architecture in senior leadership forums and technical design reviews.


Requirements
  • Bachelor's degree in Computer Science, Information Security, or related field. Relevant certifications (e.g., CISSP, GIAC) are a plus.
  • 12+ years in cyber security/information security.
  • Experience securing financial services, payments, or regulated technology platforms.
  • Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
  • Deep experience securing microservices-based applications deployed in AWS environments.
  • Strong understanding of API security, service-to-service authentication, and distributed system risks.
  • Proven understanding of OAuth 2.0, OpenID Connect, and modern authentication/authorization models.
  • Hands-on experience conducting threat modelling for complex, distributed systems.
  • Ability to design and govern end-to-end application security architectures, including internal services and external integrations.
  • Experience creating and scaling security architecture patterns and reference designs.
  • Strong understanding of cloud-native security controls and shared responsibility models.



What we offer at Nium  

 

We Value Performance: Through competitive salaries, performance bonuses, sales commissions, equity for specific roles and recognition programs, we ensure that all our employees are well rewarded and incentivized for their hard work. 


We Care for Our Employees: The wellness of Nium’ers is our #1 priority. We offer medical coverage along with a 24/7 employee assistance program and generous vacation programs, including our year-end shutdown. We also provide a flexible hybrid working environment (3 days per week in the office). 


We Upskill Ourselves: We are curious, and always want to learn more with a focus on upskilling ourselves. We provide role-specific training, internal workshops, and a learning stipend.


We Celebrate Together: We recognize that work is also about creating great relationships with each other. We celebrate together with company-wide social events, team bonding activities, happy hours, team offsites, and much more!  


We Thrive with Diversity: Nium is truly a global company, with more than 33 nationalities, based in 18+ countries and more than 10 office locations. As an equal opportunity employer, we are committed to providing a safe and welcoming environment for everyone.