Application Security Architect (41036)

As an Application Security Architect you'll play a key role in safeguarding digital landscape. You’ll collaborate with stakeholders across the organization to secure applications throughout their lifecycle, steer external partners in conducting in-depth assessments, and guide teams on integrating security controls into the SDLC. You’ll define and enforce security policies, stay ahead of emerging threats, and act as a trusted advisor to management and executives. I seek a hands-on expert with strong knowledge of OWASP, SANS, and NIST frameworks, as well as experience in threat modeling, secure coding, and vulnerability testing. Certifications like CISSP, CISM, or CSSLP are a plus. Join a forward-thinking environment where your expertise shapes our application security strategy and keeps innovation safe.

🚀 Project
- work with various stakeholders across the organization to ensure security of applications throughout their lifecycle considering industry best practices, regulatory requirements, and organizational needs
- steer external partner on conducting comprehensive security assessments of applications, identifying vulnerabilities and recommending appropriate remediation strategies
- collaborate with development teams to integrate security controls and measures into the application development process effectively
- define and enforce application security policies, standards, and procedures, ensuring compliance with internal and external security requirements
- stay up to date with emerging security threats, vulnerabilities, and industry trends related to application security and assess their potential impact
- provide guidance and support to development teams on secure coding practices, secure configuration management, and vulnerability remediation
- act as a subject matter expert and provide guidance on application security to stakeholders, management, and executives
- any other Security Architecture topic relevant to project deliverables
- stay abreast of industry standards and frameworks such as OWASP, SANS, and NIST, and incorporate relevant practices into the application security program
- develop and maintain strong relationships with key vendors and strategic external partners

🎯 Skills
- proven experience working as an Application Security Architect or in a similar role, with a focus on securing applications (threat modelling etc)
- strong knowledge of application security principles, including secure coding practices, input validation, authentication, access controls, and encryption
- experience with application security standards and frameworks, such as OWASP Top Ten, SANS CWE Top 25, and secure software development lifecycle (SDLC) methodologies
- hands-on experience with security testing techniques ideally including code review, vulnerability scanning, and penetration testing

💡 Nice to have
- knowledge and experience of industry standards such as ISO 27001, CIS Controls, NIST, Cyber Essentials
- certification or accreditation in Information Security (CSSLP, CISM, CISA, CISSP, etc.,) and/or relevant vendor specific certifications