Magic EdTech

Software Security Architect

Delhi, IN

19 days ago

Summary

We are seeking an experienced Security Architect with a strong focus on embedding security deeply into application architecture and development lifecycles. This role is ideal for someone who combines deep knowledge of cybersecurity frameworks (e.g., NIST, ISO27001, Zero Trust) with a practical understanding of modern application design, DevSecOps, and secure software implementation. You will be responsible for ensuring that security is not an afterthought but a core part of how software is envisioned, built, and deployed across the enterprise.


Key Responsibilities:

1. Application-Centric Security Architecture

  • Design and implement secure application architectures across microservices, APIs, mobile/web platforms, and cloud-native applications.
  • Embed security by design into the full SDLC — from requirements gathering and architecture to deployment and maintenance.
  • Champion the integration of security patterns such as secure authentication, authorization, secure APIs, input validation, and session management.
  • Perform threat modeling and application architecture reviews to proactively identify and mitigate risks.
  • Proven experience in application security architecture, secure software design, or DevSecOps.
  • Hands-on experience with security tools (e.g., SonarQube, Checkmarx, Fortify, Snyk, Aqua, Twistlock).
  • Strong familiarity with OWASP Top 10, CWE, CAPEC, and secure design principles.
  • Solid knowledge of microservices, REST/GraphQL APIs, containerization, and cloud-native development.
  • Certifications such as CSSLP, CISSP, or AWS/Azure/GCP Security Specialty are a plus.


2. Secure Software Delivery & DevSecOps

  • Work closely with software development, DevOps, and product teams to integrate security controls into CI/CD pipelines.
  • Drive the adoption of automated security testing (SAST, DAST, SCA, container scanning) as part of the build and deployment process.
  • Define and enforce secure coding standards, conduct secure code reviews, and lead secure release practices.
  • Integrate tooling and practices that ensure continuous compliance and shift-left security.


3. Application Risk & Compliance Management

  • Conduct application-level risk assessments, vulnerability triaging, and remediation planning.
  • Ensure application components comply with industry regulations (e.g., GDPR, HIPAA, SOC 2) and internal risk frameworks.
  • Collaborate with compliance and QA teams to ensure audit readiness and traceability of security controls across applications.
  • Lead security incident response and forensics related to application breaches or vulnerabilities.


4. Cloud & Platform Security Alignment

  • Architect secure application deployments on cloud platforms (Azure, AWS, GCP), leveraging platform-native security features.
  • Ensure identity and access controls, encryption, key management, and data protection mechanisms are built into applications.
  • Support container orchestration (e.g., Kubernetes) and serverless platforms with appropriate runtime security and observability.


5. Security Governance & Developer Enablement

  • Establish policies, guardrails, and reusable components that enable secure application development at scale.
  • Conduct security training, workshops, and brown bags for developers, architects, and product managers.
  • Define KPIs and metrics to track application security maturity and progress.
  • Serve as the security point of contact for application roadmaps, architecture boards, and product launches.


6. Cross-Functional Leadership & Stakeholder Engagement

  • Collaborate with Enterprise Architects, Product Owners, and Engineering Leaders to align security with business and product goals.
  • Advise senior leadership (CISO, CTO, Head of Product) on evolving threats, trends, and mitigation strategies in application security.
  • Engage with third-party vendors, auditors, and partners to evaluate and ensure secure integration and third-party risk compliance.


Skills and Qualifications

1. 12+ years of overall experience and a minimum of 2 years in a similar role

2. Experience in extending guidance to multi-function agile teams

3. Technical background:

  • Strong technical skills to provide leadership to project teams
  • Ability to collaborate with customers and develop strategies and solutions of high business value

4. Very effective interpersonal skills, including mentoring, coaching, collaborating, and team building

5. Excellent oral and written communication skills

6. Exceptional leadership, time management, facilitation, and organizational skills
