Application Security Architect

Reinsurance Group of America, Incorporated
Remote

About The Position

You desire impactful work. You’re RGA ready.

RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 200 Company and listed among its World’s Most Admired Companies, we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.

The Application Security Architect will partner with engineering teams to build secure software from design through delivery. This role is equal parts hands-on advisor and security design reviewer: you will help developers write secure code, efficiently triage and resolve false positives, and provide pragmatic guidance that improves security outcomes without slowing delivery. You will also perform Secure by Design reviews for new applications and material changes to existing applications to ensure solutions are secure, scalable, and compliant with company standards.

Requirements

  • Bachelor’s Degree in Arts/Sciences (BA/BS) or equivalent experience - Required
  • 8+ years related IT experience; 5+ years experience in security application tools
  • 6+ years experience in application security reviews of new architecture; 4+ years of experience with public and hybrid cloud (AWS) environments.
  • Strong software development background with the ability to read, understand, and advise on production code and design decisions.
  • Demonstrated expertise in threat modeling and secure architecture review for modern web and API-based applications.
  • Expertise securing CI/CD and SDLC processes (pipeline security, secrets management, artifact integrity, build/release controls, and automation).
  • Experience with application security tooling and processes, including managing findings and resolving false positives (SAST/SCA/DAST and related scanning in pipelines).
  • Working knowledge of AI/ML security risks and mitigations for applications that use ML models or GenAI components.
  • Strong collaborative and consulting skills: ability to influence without authority, communicate clearly, and deliver pragmatic, developer-friendly recommendations.

Nice To Haves

  • Master’s degree in Arts/Sciences (MA/MS) or professional industry certification - Preferred

Responsibilities

  • Developer enablement & secure coding support: Coach and support developers in writing secure code, including secure patterns, common vulnerability classes, and secure use of frameworks and libraries. Provide timely consulting on “how to do it right” (architecture, implementation details, and operational considerations) and help teams choose secure-by-default approaches. Triage findings from SAST, SCA, DAST, container and IaC scanning; investigate, validate, and resolve false positives; and help teams prioritize true risk. Partner with teams to tune security tools, reduce noise, and improve signal quality (rules, suppressions, baselines, and exception processes) while maintaining strong security posture.
  • Secure by Design reviews: Conduct Secure by Design reviews for new applications and material changes to existing applications, validating security requirements and design decisions early. Lead and facilitate threat modeling workshops; identify abuse cases, trust boundaries, and attack paths; and document mitigations and residual risk. Review authentication/authorization design, data flows, secrets handling, logging/monitoring, and resiliency controls to ensure secure architectures. Provide clear, actionable recommendations and track follow-through with engineering teams.
  • CI/CD and SDLC security: Advise on the security of CI/CD practices: pipeline hardening, least privilege, artifact integrity, signing, provenance, and secure deployment patterns. Advise on secure use of third-party dependencies and supply chain controls, including SCA governance and patch/vulnerability management workflows. Collaborate with platform/tooling teams to integrate security controls into developer workflows with a focus on automation and self-service.
  • AI/ML security guidance: Provide security architecture guidance for AI/ML and GenAI-enabled applications, including model/data risk, prompt/agent design considerations, and safe integration patterns. Help teams implement appropriate controls for data protection, access control, monitoring, and abuse prevention in AI/ML features.
  • Collaboration & communication: Act as a trusted partner to product, engineering, and leadership—translating security requirements into developer-friendly guidance. Create and maintain secure coding guidance, reference architectures, and reusable patterns. Support incident learnings by contributing to root cause analysis and preventative design improvements.