Senior Cybersecurity Architect - Application Security

About The Position

Requirements

• 8+ years of progressive experience in cybersecurity, with at least 3 years in an architecture or senior security engineering role, including meaningful experience in application security, secure software development, or DevSecOps.
• Minimum: Bachelor’s degree in Computer Science, Information Security, Software Engineering, or a related field, or equivalent experience.
• Experience in regulated industries such as maritime, energy, or financial services.
• Familiarity with Zero Trust architecture, advanced threat detection, software supply chain security, and emerging technologies including AI/ML in security and OT/ICS security.
• Demonstrated leadership in cross-functional teams and global, multicultural environments.
• Strong communication skills with the ability to influence technical and non-technical stakeholders.
• Experience collaborating directly with software developers, platform engineers, and product teams to improve security maturity across application development and delivery processes.
• Strong knowledge of security frameworks and standards such as NIST CSF, ISO 27001, CIS Controls, OWASP, and secure software development practices.
• Proven track record in designing and implementing enterprise security architectures across cloud, on-premise, hybrid, and application environments.
• Deep expertise in application security, including secure architecture, threat modeling, secure coding principles, API security, and vulnerability management.
• Hands-on experience with code security tools and practices, including SAST, DAST, SCA, container security scanning, secrets management, and code review processes.
• Strong knowledge of software development, security and integrating security requirements into Agile, DevOps, and CI/CD workflows.
• Demonstrated experience implementing and scaling DevSecOps practices in enterprise environments.
• Working knowledge of cloud security, IAM, encryption, endpoint protection, network security, and modern development platforms.
• Working knowledge of the ABS Health, Safety, Quality, and Environmental Management System.

Nice To Haves

• Preferred: Master’s degree in Cybersecurity, Information Technology, Software Engineering, or related discipline.
• Professional certifications such as CISSP, CSSLP, SABSA, TOGAF, CCSP, or other relevant cybersecurity/security architecture certifications are preferred.

Responsibilities

• Define and maintain the enterprise security architecture, standards, and reference models to ensure consistent, secure, and scalable solutions across ABS, including cloud, on-premise, hybrid, and application environments.
• Review application, infrastructure, SaaS, cloud, and other designs and architectures from a cybersecurity perspective, leading to a risk and compliance-based architecture review outcome.
• Establish and promote application security architecture principles, secure design patterns, and security requirements for internally developed and third-party applications.
• Work with enterprise architecture to ensure secure, functional foundational platforms for application development.
• Embed security throughout the software development lifecycle by partnering with development and engineering teams to integrate secure coding, code review, threat modeling, and security testing practices.
• Drive the adoption of DevSecOps practices by integrating security controls, automated code scanning, vulnerability detection, and policy enforcement into CI/CD pipelines.
• Provide guidance on code security practices, including static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), secrets detection, and remediation of vulnerabilities in source code and open-source dependencies.
• Partner with IT and business leaders to embed security into technology roadmaps, digital transformation initiatives, and software product delivery.
• Identify, assess, and mitigate cybersecurity risks associated with applications, APIs, cloud platforms, development pipelines, and business processes.
• Ensure alignment with regulatory frameworks, industry standards, secure development requirements, and ABS security policies.
• Evaluate, recommend, and implement emerging security technologies and practices related to application security, cloud security, and software assurance.
• Provide guidance to engineering, operations, platform, and development teams to integrate security into solution design, development, deployment, and ongoing support.
• Contribute to security incident response planning and support investigations involving application-layer threats, software vulnerabilities, and code-related security issues.
• Serve as a subject matter expert, mentor team members, and represent ABS in internal and external cybersecurity forums as required.

Benefits

• medical insurance (PPO and HD)
• dental and vision insurance
• Health Savings Account (HSA)
• Flexible Savings Account (FSA)
• life insurance
• accidental death and dismemberment insurance
• disability leave programs
• parental leave program
• paid holidays
• paid vacation time
• Employee Assistance Plan (EAP)
• 401K plan with a generous company match