Job
Description
Who You Are You are a highly experienced and visionary securityprofessional with deep expertise in application security, architecture, and secure software development. You’re not only a strategist and a technical authority, but also someone who remains hands-onwhen it matters. You thrive on solving large-scale security problems, designing resilient security architectures, and enabling engineering teams to ship secure products without friction. You lead with influence, partner with engineering and product leaders, and drive scalable security solutions across an enterprise. You also play a pivotal role in client's Application Security Research &Engineering (ASRE) program—guiding the development of internal tooling, automation, and innovative approaches to secure software at scale. What You’ll Do Design and own secureapplication architectures across client's productlandscape, including SaaS platforms, mobile apps, APIs, and cloud-native services. Define and evolve application security strategy , driving initiatives that align with client's product roadmapand risk posture. Lead architecture reviews,threat modeling sessions, and risk assessments for high- impact products and features, including those involving AI/ML pipelines . Engineer and advocate scalablesecurity solutions , from reusable libraries and security design patterns to tooling integrations within the SDLC. Build and maintainrelationships with engineering leaders, product managers,and infrastructure teams to champion security-by-design principles. Partner with ASRE to defineand drive automation projects, internal tool development, and scalable controls for vulnerability discovery and remediation. Serve as the securitytechnical authority during escalations, post-incident reviews, customer audits, and design sprints. Provide technical leadership to the broaderAppSec team, mentoringSenior and Lead engineers and participating in hiring and capability building. Evaluate and introduce new technologies, standards, or frameworks to improve application security and developer experience. What You Bring 10+ years of experience in information security,with a strong focus on application security, architecture design , and secure development practices. Deep understanding of secure softwaredevelopment lifecycles (SDLC),secure design principles, and modern threat landscapes (including AI/MLrisks, supply chain,cloud- native, and microservices). Proven ability to architectsecure solutions across multi-tenant SaaS platforms, microservices, and API-driven ecosystems. Expertise in performing and leading threat modeling , code reviews , and architecture risk assessments . Strong coding and scripting skills (e.g., Python,Java, JavaScript, TypeScript, etc. ); ability to prototype tools or support ASRE initiatives directly. Hands-on experience with security tools and platforms (e.g., SAST, DAST, IAST, SCA, container scanning, IaC analysis). Familiarity with cloud security and native controls(AWS/GCP/Azure), DevSecOps pipelines, and IaC tools like Terraform. Excellent communication skillswith a proven ability to influence both technical and executive stakeholders. Strong grasp of regulatory frameworks and standards such as ISO 27001, SOC 2, PCI, OWASP, NIST 800-53/218, and AI RMF. Bonus If You Have Experience building securityframeworks or referencearchitectures adopted across multiple product teams. Research contributions to ASRE-style initiatives, open-source tooling, or internal platform development. Knowledge of emergingAI security threats(adversarial ML, model poisoning, privacy leakage, etc.). Certifications such as AWS CertifiedSolutions Architect—Associate/Professional, CSSLP, OSWE, GCPN, CISSP, SABSA, or SANS/GIAC Architect-level certification. Why You’llLove This Role You’ll define and influence the security architecture of platforms used by thousandsof customers worldwide. You’ll work on high-impact initiatives with the authority to shape how security is done— not just today, but for the long term. You’ll help grow and mentor a world-class AppSec team while staying close to the technology you love. You’ll drive an engineering-led securityculture alongside leadership that supports security investment, research, and innovation. Show more Show less
