Senior Application Security Architect

Key Responsibilities:

• Application Security Architecture:

• Design and implement robust security architecture for AWS-hosted services and applications, ensuring

  secure-by-design principles

  throughout the SDLC.

• Security Design & Governance:

• Conduct threat modeling, risk assessments, and architectural reviews for new and existing applications.
• Produce and review

  Architecture Decision Records (ADRs)

  .
• Define and enforce architectural standards, patterns, and reusable reference architectures for AWS microservices, APIs, containers, and serverless workloads.

• Collaboration:

• Partner with software engineers, DevOps, and security teams to align solutions with best practices and compliance standards.

• Tool Integration:

• Provide guidance on integrated security tools, such as

  MAST, SAST, DAST, SCA, IaC scanning, and secret detection

  , tailored for cloud environments.

• Emerging Technology:

• Stay updated on AWS security features and recommend adoption strategies to strengthen application security posture.

• Incident Response:

• Support forensic investigations and remediation strategies for application-layer security incidents.

• Security Advisory:

• Serve as an SME for application security during audits, compliance efforts, and governance processes.

• Enterprise Architecture:

• Participate in enterprise-wide architecture discussions.
• Drive high-level and detailed security design, introducing innovative technologies and patterns.
• Mentor and coach engineering teams on secure solution architecture.

Qualifications & Skills:

• Experience:

• 8+ years

  in application security, software engineering, or security architecture roles.

• 3+ years

  hands-on experience with AWS services (e.g.,

  IAM, KMS, CloudTrail, VPC, CodePipeline, Terraform

  ).

• Technical Expertise:

• Strong understanding of AWS compute, storage, networking, data, and security.
• Expertise in

  secure development lifecycle (SSDLC)

  and

  cloud-native application patterns

  (microservices, containers, CI/CD).
• Proven experience integrating security controls in CI/CD pipelines (e.g., Jenkins, GitHub, GitHub Actions).
• Proficiency in one or more programming languages (

  Python, Java, Go, Node.js

  ).

• Security Knowledge:

• Familiarity with

  OWASP Top 10

  ,

  SANS CWE Top 25

  , and

  threat modeling

  (e.g., STRIDE).
• Ability to communicate risk effectively to both technical and executive stakeholders.

• Certifications (Preferred):

• Security certifications like

  GDSA, GCAD, GWAT, GWEB, GPEN, GCPN, GXPN

  or similar.
• Additional certifications are a plus:

  SABSA, TOGAF, AWS Certified Solutions Architect

  .