We are seeking an Application Security Architect to join the Security practice and collaborate closely with our largest enterprise clients.

Responsibilities

• Coordinate and oversee Security Audits throughout the software development lifecycle, including Architecture, Process, Risk, and Testing
• Establish and drive secure software development lifecycle (SSDLC) programs
• Provide direct support to software development teams, introducing secure development methodologies, tools, and processes
• Train Software Development teams in secure development practices
• Design and implement secure architectures for various projects
• Effectively communicate the importance of a Secure Software Development Life Cycle to customers and teams, along with strategies for implementation
• Collaborate with all sub-teams, including BAs, Developers, and QAs, to promote a unified understanding of Security Requirements, Threats, and Mitigations
• Engage and synchronize efforts with other Security Teams, including Cloud Security Engineers, Infrastructure Security Engineers, and Penetration Testers
  
  
  

Requirements

• A degree in Software Development or Security-focused disciplines, or equivalent professional experience
• A strong interest in pursuing professional growth in the field of Security
• Familiarity with one or more Security Development methodologies, such as Microsoft SDL, OWASP OpenSAMM, or BSIMM
• Familiarity with Threat Modeling, and practical experience using Threat Modeling Tools
• Understanding of core Security-related activities in development like Security Requirements gathering, Risk Assessment, and Security Code Review
• Familiarity with security threats, their classification, and implementation
• Understanding of foundational security concepts and principles
• Understanding of protective measures and defensive layers across security domains
  
  
  

Nice to have

• Familiarity with cybersecurity tools for Static Code Analysis, Penetration Testing, and Intrusion Detection/Prevention
• Knowledge of Security Features and Mechanisms associated with at least one OS and development platform/technologies
• Understanding of threat mitigation mechanisms
• Familiarity with existing security standards and regulations, with experience in implementing related requirements
• Understanding of fundamental principles in infrastructure security and penetration testing
• Experience with cloud security controls and security policies
• Relevant certifications such as CISSP, CCSP, SANS GIAC, or other recognized Security qualifications
• Experience leveraging Cloud Security solutions
  
  
  

We offer

• Engineering Heritage. Best-in-class experts sharing a culture of engineering excellence and tackling complex engineering challenges for over 30 years.
• Advanced Tech Stack. Innovative projects where you can apply or enhance your expertise in Cloud, Data, AI, and other emerging technologies.
• World-Class Clients. Work closely with 295+ of the Forbes Global 2000 on creating disruptive solutions that make a global impact.
• Professional Growth. Exceptional support for career development with comprehensive resources for upskilling or reskilling in pioneering practices.
• GenAI Community. Strong AI competencies with 600+ experts across 55+ locations driving GenAI-enabled transformation journeys.
• Entrepreneurial Culture. If you're passionate and dedicated to improving business transformation, we provide the support you need to bring your ideas to life.
• Hybrid Setup.The flexibility to work from any location in Montenegro, whether it's your home or our dynamic offices.
• Other Benefits. Corporate health insurance and the possibility of buying private health insurance for the family at a corporate price.
  
  
  

This position offers hybrid setup with the flexibility to work from any location in Montenegro, whether it's your home or our dynamic offices in Herceg-Novi and Podgorica.

As consultants, designers, architects, engineers and trainers, at EPAM we focus on building long-term partnerships with our clients, enabling them to reimagine their businesses through a digital lens. We help our clients become faster, more agile and more adaptive enterprises, by delivering solutions through best-in-class engineering, strategy, design, consulting, education and innovation services.