Senior Security Architect

About The Position

Requirements

• 6+ years in software development and 5+ in security, including 3+ in a security architecture or technical leadership role.
• Strong engineering background with hands-on experience that informs secure design and threat modeling.
• Proven ability to partner with Engineering teams to embed security without slowing delivery.
• Deep knowledge of SSDLC, secure coding, and cloud security (AWS preferred).
• Experience with AI/ML security considerations.
• Expertise in threat modeling and secure design reviews (STRIDE, PASTA, or equivalent).
• Familiarity with frameworks like OWASP, NIST, CSA.
• Excellent communication and leadership skills; fluent in English.
• Practical experience with security tools and cloud-native technologies.

Nice To Haves

• Exposure to FedRAMP or similar compliance frameworks.
• Interest in sharing knowledge (e.g., blogs, talks, open source contributions).
• Familiarity with security testing and research techniques.
• Experience improving security maturity in Agile or DevSecOps environments.
• Passion for mentoring engineers in secure design and development.

Responsibilities

• Partner with Engineering to integrate security throughout the SSDLC: threat modeling, secure design reviews, secure coding practices, and CI/CD security controls.
• Provide security-focused guidance on product and platform designs—ensuring security principles are applied without disrupting innovation or ownership.
• Lead security initiatives that improve development processes and tooling (e.g., automated security checks, Infrastructure-as-Code scanning, secrets management).
• Define and maintain secure development standards, patterns, and guardrails for cloud-native and distributed systems.
• Conduct and guide threat modeling and security risk assessments for new features and architectures.
• Deliver security enablement: training, mentoring, and awareness sessions for engineers and security champions.
• Support incident response readiness for products and drive post-incident security improvements.
• Stay ahead of emerging threats and technologies, updating security policies and practices accordingly.
• Collaborate on AI/ML security for safe model integration and data protection aligned with evolving standards.

Benefits

• The compensation package includes a wide range of medical, dental, vision, financial, and other benefits.