Application Security Architect
We are seeking an experienced Application Security Architect to help build and mature our Application Security program. This role will partner closely with engineering and product teams to embed security throughout the software development lifecycle and establish scalable security practices across web, mobile, and API platforms.
Key Responsibilities
- Lead the development and ongoing improvement of the Application Security program, including strategy, processes, and tooling.
- Drive secure design reviews, threat modeling, code reviews, vulnerability management, and penetration testing initiatives.
- Partner with engineering teams to integrate security best practices into development workflows.
- Conduct security assessments of applications and APIs to identify and mitigate risk.
- Support security awareness efforts, incident response activities, and mentorship of junior team members.
Qualifications
- 10+ years of application security, product security, or related cybersecurity experience.
- Proven experience building or leading an Application Security program from the ground up.
- Strong understanding of secure software development practices and common application vulnerabilities (OWASP Top 10).
- Ability to communicate security concepts effectively to technical and business stakeholders.
- Experience reviewing code and assessing applications built with technologies such as C#, React, JavaScript, and REST APIs.
Preferred
- Active involvement in the security community through OWASP, BSides, open-source contributions, or related industry activities.
- Hands-on experience with SAST, DAST, threat modeling, and application security tooling.