Senior Application Security Architect

Category:

Cybersecurity

Employment Type:

Direct Hire

Reference:

BH-385234

Job Title: Senior Application Security Architect

Overview

The client company is seeking a Sr Application Security Architect to serve as a strategic leader and subject matter expert in application and product security. This role will be pivotal in defining enterprise-wide application security strategies, championing modern DevSecOps practices, and guiding secure adoption of technologies across cloud-native and on-premises environments. The ideal candidate brings deep technical expertise, strong architectural vision, and the ability to influence enterprise-wide security decisions in a rapidly evolving digital landscape-including the emerging space of AI and Generative AI (GenAI) security.

Responsibilities

• Define, communicate, and implement application security strategies and architectural standards across hybrid environments (cloud and on-premises).
• Lead the development and adoption of security-by-design principles within modern software development practices (Agile, DevSecOps, CI/CD).
• Partner with engineering, product, and platform teams to embed robust security controls into software architecture, APIs, microservices, and containers.
• Guide secure design for AI and GenAI systems-including secure model development, data protection, model governance, adversarial testing, and emerging risks (e.g., prompt injection, data leakage).
• Conduct architecture reviews, threat modeling, and risk assessments for high-value assets, APIs, cloud-native services, Container technologies, and open-source software.
• Recommend and enforce secure deployment patterns for SaaS, PaaS, and IaaS (AWS) models

• Bachelor's degree in a STEM discipline required; Master's degree preferred.
• 10+ years of experience in cybersecurity, with at least 7 years in application security architecture roles.
• Proven experience designing and implementing secure architectures in cloud environments- AWS
• Deep knowledge of secure software development practices, including threat modeling, secure coding, SAST/DAST/IAST, and OSS governance.
• Strong experience in securing APIs (OAuth, OIDC, JWT, mTLS), containers, Kubernetes, and microservices-based architectures.
• Understanding of modern AI/ML architecture and emerging GenAI security challenges, including model integrity, hallucination prevention, and responsible AI principles.
• Familiarity with industry frameworks and standards (e.g., OWASP Top 10, NIST 800 series, ISO 27001, MITRE ATLAS).
• Excellent communication and presentation skills, with the ability to engage stakeholders at all levels, including executive leadership.
• Demonstrated leadership in cross-functional initiatives and mentoring of junior architects or engineers.