Senior Security Architecture Specialist (Hybrid)

About The Position

Requirements

• Bachelor’s degree with 7+ years of work experience in the IT field or equivalent.
• Demonstrated experience designing and governing SDLC security controls at scale – SAST, SCA, OSS governance, and container scanning.
• Hands-on experience with policy as code frameworks (OPA, Sentinel, or equivalent) and the ability to review and write policies, not just evaluate vendor tooling.
• Experience producing architecture decision records, threat models, or equivalent design governance artifacts that served as authoritative references for engineering teams.
• Strong written and verbal communication, ability to translate architecture decisions into compliance traceability artifacts and executive-facing recommendation documents.
• Track record of driving adoption through influence.
• Strong scripting background (Python, PowerShell).

Nice To Haves

• A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field.
• Business acumen to support the implementation of SAST, DAST, SCA, Container Security, API Security and IaC tools across the enterprise.
• Ability to perform code reviews with minimal assistance.
• A self-starter, with a strong desire for learning new technologies and applying them to solve problems.
• Expertise in monitoring, alerting, reporting, and data analysis.
• Experience with two or more of the application build environments like Jenkins, Gradle, Maven.
• Familiarity with public cloud services.
• Experience with two or more of the Secure SDLC tools like Github Advanced Security, Snyk, WhiteSource, Sonatype, X-Ray, Wiz.
• Experience with Threat Analysis.
• DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc.).
• Experience with evaluation, integration and onboard of application security tools.

Responsibilities

• Architecture governance Steward the security architecture standard across all verticals – ADRs, threat models, trust boundaries, and control plane design
• Produce compliance traceability artifacts mapping architecture decisions to compliance requirements
• Drive cross team architecture through influence with principal engineers and engineering leads
• Support security standards, create templates and patterns to increase the efficiency and adoption of security programs.
• Living Spec & Design Governance Operate and evolve the design governance toolchain
• Define the ADR lifecycles from creation to deprecation and ensure decision records remain the authoritative reference for architecture choices
• Build integrations between spec platform and dev tooling to make compliance traceability continuous, not periodic

Benefits

• Ample opportunity to move across the businesses for those who show passion and grit in their work.
• Ample opportunity to move about the business for those who show passion and grit in their work.
• Attractive and comprehensive employee benefits and perks in the industry.