About The Position

We are seeking a highly skilled and experienced Senior Application Security Architect to join our team. In this role, you will be part of the Product Security organization within ADP’s Global Security Organization (GSO), which plays a strategic role in enabling secure development and supporting the delivery of trusted products, solutions, and services across the entire ADP ecosystem. As a Senior Application Security Architect, you will partner closely with product, engineering, and cloud architecture teams to design and guide the implementation of secure application architectures. You will leverage your deep expertise in application security architecture, public cloud platforms (AWS and Azure), and GenAI security to influence design decisions, reduce risk, and champion secure‑by‑design principles across the organization. This role is instrumental in helping teams build secure applications, integrate third‑party and SaaS solutions responsibly, and elevate ADP’s overall security posture through thought leadership, architectural oversight, and proactive engagement throughout the SDLC.

Requirements

  • 8+ years of experience in Application Security, Security Architecture, or related technical security roles.
  • Deep expertise in Application Security practices, including secure coding, API security, microservices, container/Kubernetes security, DevSecOps, and security scanning tools.
  • Proven experience designing secure application and cloud architectures (AWS, Azure). AWS or Azure Architecture certifications are a plus.
  • Strong understanding of GenAI / LLM / Agentic AI security, including data governance, retrieval‑augmented generation (RAG), model threats, and secure integration patterns.
  • Strong knowledge of security frameworks and standards (e.g., OWASP ASVS, SAMM, NIST 800‑53, NIST CSF, ISO 27001, CIS Controls).
  • Hands-on experience with Threat Modeling methodologies, tools (e.g., IriusRisk, Microsoft Threat Modeling Tool), and risk assessment techniques.
  • Knowledge of identity and access management, OAuth2/OIDC, JWT security, secrets management, key management (KMS), and zero-trust design principles.
  • Experience with CI/CD pipeline security (GitHub, GitLab, Azure DevOps, Jenkins) and infrastructure-as-code security (Terraform, CloudFormation, ARM).
  • Strong understanding of data security, encryption, privacy-by-design, and secure logging and monitoring practices.
  • Excellent communication, collaboration, and stakeholder engagement skills, with the ability to influence and drive security adoption.

Nice To Haves

  • AWS or Azure Architecture certifications are a plus.
  • Relevant security certifications are a plus: CISSP, CISM, CCSP, CSSLP, CEH, SANS/GIAC certifications, or cloud security certifications.

Responsibilities

  • Partner with global product and engineering teams to design, review, and evolve secure application architectures across multi-country environments.
  • Influence technical leaders—solution architects, security champions, engineering managers, and developers—to adopt secure-by-design principles and continuously improve security maturity.
  • Conduct in-depth security architecture reviews and provide clear, actionable security requirements, design guidance, and validation throughout the entire solution lifecycle.
  • Lead and facilitate Threat Modeling activities, leveraging tools such as IriusRisk to help teams create architecture diagrams, identify security risks, define countermeasures, and validate threat coverage.
  • Develop and maintain secure architecture patterns, reference architectures, and application security standards, ensuring alignment with industry frameworks (e.g., NIST, OWASP, CIS).
  • Embed security across the SDLC, educating product teams on integrating secure coding practices, secure API design, CI/CD security controls, and automated security testing.
  • Support secure integration of third‑party platforms, SaaS solutions, and cloud-native services, ensuring vendor risk and architecture risks are understood and mitigated.
  • Advise on GenAI, LLM, and AI/ML application security, including data protection, model security, prompt injection mitigation, dependency controls, and risk evaluation of AI-driven components.
  • Partner with Cloud Architecture teams to ensure consistent application of cloud security controls, identity and access management (IAM), network segmentation, and zero-trust principles across AWS, Azure, and hybrid environments.
  • Drive incident response readiness by contributing to architecture-level threat scenarios and ensuring logging, monitoring, and detection capabilities are properly embedded.
  • Monitor emerging security threats, technologies, and regulatory requirements to guide continuous improvement of the organization’s security architecture posture.
  • Communicate complex security concepts to both technical and non-technical stakeholders, enabling informed decision-making at all levels.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service