Application Security Architect

Job Description

Application Security Architect Key Responsibilities • Design and implement application security architecture for GCP-hosted services and applications. • Ensures secure-by-design initiatives across SDLC, including threat modeling, risk assessments, and architectural reviews. • Responsible for the production and review of Architecture Decision Records (ADRs). • Collaborates with software engineers, DevOps, various security teams and cloud architects to ensure alignment with security best practices. • Define and promote secure coding standards and security-focused CI/CD pipelines. • Provide application security guidance for integrated security tools (e.g., MAST, SAST, DAST, SCA, laC scanning, secret detection) tailored for cloud environments. • Develop and provide consultation on security design patterns and reusable reference architectures (platform level) for GCP microservices, APIs, containers, and serverless workloads. Monitor emerging GCP security features and provide recommendations for adoption. Support incident response and forensics related to application-layer attacks. Guide remediation strategies for vulnerabilities and design flaws. Serve as the SME for application security in security governance, audits, and compliance efforts. • Provide architectural governance, reviewing projects to ensure alignment to technical strategy, company platform roadmaps, and enterprise standards Drive both high level and detailed design ensuring to partner with others where applicable • Find opportunities to embrace innovative technologies, perform rapid POCs to experiment and build rails for the engineering/product teams Coach and mentor engineering colleagues on solution architecture; providing advice, mentorship and assistance as required Actively participate in team and enterprise-wide architecture and engineering discussions Introduce enterprise architectural paradigms and solutions into the portfolio Communicate to senior leaders regarding strategy direction and changes. Qualifications 7+ years in application security, software engineering, or security architecture roles. 3+ years of hands-on experience with GCP services, including IAM, Cloud Run, GKE, Cloud Functions, VPCs, and Cloud Armor. Deep understanding of GCP: Compute, Storage, Networking, Data, and Security. • Deep understanding of secure development lifecycle (SSDLC) and cloud-native application patterns (e.g., microservices, containers, CI/CD). • Experience implementing security controls in CI/CD pipelines using Jenkins, GitHub, GitHub Actions, etc. • Expertise in at least one or more programming languages (e.g., Python, Java, Go, Node.js). • Familiarity with OWASP Top 10, SANS CWE Top 25, and threat modeling methodologies (e.g., STRIDE). Proven ability to communicate risk to technical and executive stakeholders. • At least one security related certification like: GDSA, GCAD, GWAT, GWEB, GPEN, GCPN GXPN Any of the following certifications are a plus, SABSA, TOGAF, GCP PCA. Role & responsibilities Preferred candidate profile