Application Security Architect

Description

We are seeking a Senior Application Security Architect to help lead and mature our application security program. They will serve as a trusted security advisor to engineering and product teams, providing expert guidance on secure design, threat modeling, and security architecture across a wide range of applications and platforms.

They will collaborate cross-functionally to embed security into the software development lifecycle (SDLC), evaluate emerging technologies for risk, and drive the adoption of secure coding practices. They will also help develop and enforce secure design standards, influence technical direction, and support incident response efforts as needed.

This position requires deep knowledge of secure software architecture, cloud-native environments, and modern development practices such as DevOps, microservices, and APIs. The ideal candidate is a strong communicator and mentor, passionate about enabling secure innovation at scale.

Key Skills

Deep expertise in application security principles, including secure design, threat modeling, and risk assessment

Strong understanding of common vulnerabilities (e.g., OWASP Top 10) and mitigation strategies

Proficiency in cloud security across platforms such as AWS, Azure, or GCP

Experience securing microservices, containerized environments (e.g., Docker, Kubernetes), and APIs

Familiarity with DevSecOps practices and integrating security tools into CI/CD pipelines

Knowledge of secure coding practices across multiple languages (e.g., Java, Python, JavaScript, Go)

Experience with security testing tools such as SAST, DAST, SCA, and IaC scanning tools

Strong architectural and system design skills with a security-first mindset

Excellent communication and stakeholder management skills, with the ability to influence engineering teams

Ability to mentor and guide developers and security engineers

Experience

7+ years of experience in application security, software engineering, or a related field

Proven track record of designing and implementing secure architectures in complex, distributed systems

Hands-on experience embedding security into the SDLC in Agile/DevOps environments

Experience conducting threat modeling exercises and security architecture reviews

Background in incident response, vulnerability management, or security operations is a plus

Experience working with cloud-native applications and modern infrastructure (containers, serverless, APIs)

Demonstrated ability to partner with engineering and product teams to drive security initiatives

Prior experience in a leadership, mentorship, or advisory role within security or engineering teams

Please do not hesitate to apply asap as we interview on a rolling basis!