Cyber Application Security Architect

Job Summary

Working remotely, the full-time salaried Cyber Application Security Architect will collaborate with software development, platform, cybersecurity, and cloud engineering teams to embed security throughout the software development lifecycle, focusing on secure-by-design practices, DevSecOps strategy, and risk-based vulnerability management.

Key responsibilities

• Serve as the security architecture authority, partnering with various teams to integrate secure-by-design principles into applications and infrastructure
• Conduct Secure by Design reviews and lead threat modeling workshops to validate security requirements and design decisions
• Advise on the security of CI/CD practices and collaborate with teams to automate security controls within developer workflows

Required qualifications

• 8+ years of IT experience, with 5+ years in security application tools and application security reviews
• Strong software development background with the ability to analyze production code and design decisions
• Demonstrated expertise in threat modeling and secure architecture for web and API-based applications
• Experience securing CI/CD and SDLC processes, including pipeline security and secrets management
• Working knowledge of AI/ML security risks and mitigations for applications utilizing ML models or GenAI components