Senior Security Engineer

The Apex Group was established in Bermuda in 2003 and is now one of the world’s largest fund administration and middle office solutions providers.

Our business is unique in its ability to reach globally, service locally and provide cross-jurisdictional services. With our clients at the heart of everything we do, our hard-working team has successfully delivered on an unprecedented growth and transformation journey, and we are now represented by over circa 13,000 employees across 112 offices worldwide.Your career with us should reflect your energy and passion.

That’s why, at Apex Group, we will do more than simply ‘empower’ you. We will work to supercharge your unique skills and experience.

Take the lead and we’ll give you the support you need to be at the top of your game. And we offer you the freedom to be a positive disrupter and turn big ideas into bold, industry-changing realities.

For our business, for clients, and for you

The Role:

The Senior Security Engineer is a critical role within Security Engineering & Cyber Security, responsible for the end-to-end ownership of Apex’s security platforms. This includes the design, configuration, operation, and continuous maturation of enterprise security tooling across the environment.

The role is accountable for ensuring security platforms are implemented correctly, maintained at scale, strategically aligned to risk, and delivering measurable security outcomes. This includes defining tooling strategy, driving improvements in capability and maturity, and ensuring platforms operate effectively across their full lifecycle.

Key duties and responsibilities:

Security Engineering

• Own security engineering platforms end to end, including the design, configuration, implementation, operation, maintenance, and continuous maturation of security tooling across the environment.
• Provide technical oversight of enterprise security toolsets spanning endpoint, server, identity, email, network, cloud, and detection & response, including both Microsoft-native and third-party technologies (e.g. Mimecast, Tessian, Netskope, and cloud security platforms).
• Define and execute the security tooling strategy, ensuring platforms are aligned to risk, business priorities, and long-term security architecture.
• Ensure security platforms are delivering measurable security value, reducing loss exposure, and operating effectively, supported by appropriate people, processes, controls, and metrics.
• Design, review, and approve security engineering patterns, standards, and reference architectures.
• Oversee remediation of post-incident actions, audit findings, and control gaps related to security tooling and platform configuration.
• Collaborate closely with the Head of Cloud and Product Security to develop and deliver security engineering roadmaps, including capability uplift and maturity improvements.
• Provide expert input into security policies, standards, and best practices, ensuring they are technically sound and practically enforceable through tooling.
• Ensure security standards and platform configurations are kept current, fit for purpose, and aligned with evolving threats and technology changes.
• Review security vulnerabilities and tooling findings to ensure they are triaged, prioritized, and managed using a risk-based approach.
• Mentor and coach Security Engineers, driving strong ownership, accountability, and engineering excellence across the team.
• Act as a delegate for the Head of Cloud and Product Security in relevant forums, committees, and stakeholder engagements, shaping the future direction of security engineering and platform capability.

Experience and Knowledge:

• 7–10+ years’ experience in Information Security, Cyber Security, or Security Engineering roles.
• Strong hands-on experience with enterprise security toolsets, including Microsoft-native and third-party platforms such as Mimecast, Proofpoint/Tessian, Netskope, CyberArk, Qualys, Defender, or equivalent.
• Proven experience engineering, configuring, and operating security platforms end to end, including ongoing maintenance, optimization, and maturity uplift.
• Deep understanding of security controls across endpoint, server, identity, email, network, and cloud, including hybrid environments.
• Strong experience with Microsoft security technologies, including Defender (Endpoint, Identity, XDR, Cloud), Entra ID security controls (Conditional Access, PIM), and data protection controls.
• Solid understanding of cloud and hybrid security models across major cloud providers (Azure, AWS, OCI), including shared responsibility models.
• Relevant industry certifications advantageous (e.g. AZ-500, SC-200, SC-300, MS-500, or equivalent).
• Knowledge of industry standards and frameworks such as SOC 2, ISO 27001, and NIST, with experience aligning tooling and controls to regulatory requirements.
• Experience with IAM and PAM platforms (e.g. SailPoint, CyberArk) and access governance concepts.
• Demonstrated ability to design and implement security solutions in highly regulated environments.
• Experience integrating third-party or niche security products to address gaps where native platform controls are insufficient.
• Broad and practical understanding of security technology from infrastructure and platforms through to applications and data.
• Proven ability to mentor and develop junior and mid-level engineers, fostering strong ownership and engineering discipline.
• Ability to lead calmly during incidents and high-pressure situations, making sound technical decisions while supporting the wider team.
• Strong communication skills, with the ability to translate technical security concepts into clear business context for diverse stakeholders.
• Excellent problem-solving, decision-making, and analytical skills, with a structured and pragmatic approach to risk.
• Highly organized, able to manage multiple priorities across complex security platforms.
• Comfortable working in a global, multicultural environment and collaborating across teams and regions.
• Demonstrated ability to balance business requirements with security engineering outcomes, with a strong sense of ownership and motivation.
• Commitment to continuous learning and improvement in security engineering and platform technologies.
• Passion for driving change, improving maturity, and raising the security baseline of the organization.

Disclaimer: Unsolicited CVs sent to Apex (Talent Acquisition Team or Hiring Managers) by recruitment agencies will not be accepted for this position. Apex operates a direct sourcing model and where agency assistance is required, the Talent Acquisition team will engage directly with our exclusive recruitment partners.