
Application Security Architect

United States, Boston 70.00 - 80.00 USD / Hour · Job Posted May 11, 2026

Job Description

We are seeking an experienced Application Security Architect to lead and enhance secure application and cloud-native architecture practices across the organization. This role is responsible for performing application architecture security reviews, leading security risk assessments, defining secure development standards, and partnering closely with engineering and infrastructure teams to integrate security throughout the software development lifecycle (SDLC). The ideal candidate combines deep technical expertise in application and cloud security with strong communication and leadership skills. This individual will serve as a trusted advisor to development, DevOps, infrastructure, and security teams, helping to design and implement scalable, secure solutions in modern containerized and API-driven environments. This is a highly collaborative role with the opportunity to influence enterprise security strategy, modern DevSecOps practices, and secure cloud adoption initiatives.

Job Responsibility

  • Conduct security architecture reviews for new and existing applications, APIs, and cloud-native services to identify risks and recommend mitigation strategies
  • Lead application security risk assessments and threat modeling exercises for critical business applications and platforms
  • Define and maintain secure application architecture standards, reference patterns, and security best practices
  • Guide secure design principles, authentication and authorization models, encryption, secrets management, and secure API development
  • Design and implement security controls for containerized and Kubernetes-based environments, including OpenShift and Azure Kubernetes Service (AKS)
  • Support secure container runtime practices using technologies such as Docker and Podman
  • Collaborate with infrastructure and platform engineering teams to strengthen cloud-native security posture across Azure environments
  • Evaluate and recommend security tooling and controls for Kubernetes, container security, workload protection, and runtime monitoring
  • Partner with development and DevOps teams to integrate automated security controls into CI/CD pipelines and software delivery processes
  • Support secure development lifecycle (SDLC) initiatives, including security testing, code review processes, and vulnerability remediation workflows
  • Establish and maintain software supply chain security practices, including Software Composition Analysis (SCA), open source governance, and vulnerability management using tools such as NexusIQ or similar platforms
  • Guide Infrastructure-as-Code (IaC) security and deployment best practices
  • Implement and support API security controls and governance practices using enterprise API management and security solutions
  • Lead implementation and operational adoption of application protection technologies, including Runtime Application Self-Protection (RASP) solutions such as Contrast Protect
  • Collaborate with teams to improve application observability, logging, and runtime threat detection capabilities
  • Develop and maintain application security policies, standards, and procedures aligned with industry frameworks and regulatory requirements
  • Partner with development teams to remediate vulnerabilities and improve overall security maturity
  • Deliver security guidance, mentoring, and awareness training to engineering and operational teams
  • Stay current on emerging threats, vulnerabilities, technologies, and industry trends to continuously improve the organization's security posture

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field
  • 7+ years of experience in application security, including security architecture reviews, threat modeling, and risk assessments
  • Strong knowledge of secure software development practices and modern application security principles
  • Experience securing containerized and Kubernetes-based environments, including OpenShift and/or AKS
  • Experience integrating security into CI/CD pipelines and DevSecOps workflows using platforms such as Jenkins and Azure DevOps
  • Hands-on experience with application security testing methodologies and tools, including:
      • Static Application Security Testing (SAST)
      • Dynamic Application Security Testing (DAST)
      • Software Composition Analysis (SCA)
      • Penetration testing and vulnerability assessment
  • Experience implementing and managing API security controls and API management platforms
  • Strong understanding of OWASP Top 10, NIST, CIS benchmarks, and secure architecture principles
  • Excellent analytical, communication, and problem-solving skills with the ability to collaborate across technical and business teams

Nice to have

  • Experience with tools such as Traceable, NexusIQ, Contrast Protect, or equivalent enterprise security platforms
  • Experience securing Microsoft Azure cloud environments and cloud-native architectures
  • Familiarity with Infrastructure-as-Code (Terraform, Helm, Bicep) and related security controls
  • Knowledge of Kubernetes policy enforcement, container runtime security, and software supply chain security practices
  • Experience securing AI-enabled platforms and Model Context Protocol (MCP) environments, including governance, secure tool integration, identity controls, and protection of sensitive data and model interactions, is a plus
  • Relevant industry certifications such as:
      • CISSP
      • CCSP
      • CSSLP
      • OSCP
      • GIAC security certifications
      • Kubernetes security certifications


Similar Jobs for Application Security Architect

8 matching positions

Application Security Architect

The NTT DATA Services Security Analysis Strategic Advisor Security Architect ser...
Location: United States, Boston
Salary: 116000.00 - 190000.00 USD / Year
NTT DATA
Expiration Date: Until further notice
Requirements
  • 10 years of comprehensive full stack development experience, with proficiency in technologies such as J2EE, C# .NET, JavaScript, and Python.
  • 5 years serving as a senior application security architect, with a strong emphasis on promoting application security standards and practices.
  • Demonstrated expertise in designing, architecting, and building secure enterprise web applications.
  • Skilled in developing scalable applications on cloud platforms, including AWS and/or Azure, with a focus on security principles and deployment best practices.
  • Highly experienced in conducting security peer reviews across application design, testing, and code.
  • Working experience with integrating applications into security technologies such as WAF, API gateways, privileged access management platforms, identity access management platforms, LDAP, and identity access governance systems
Job Responsibility
  • Collaborate with the client in the definition and implementation of information security policies, strategies, procedures and settings to ensure confidentiality, integrity and availability of client’s environment and data
  • Participate with the customer in the strategic design process to translate security and business requirements into processes and systems
  • Evaluate new / emerging security products and technologies and make recommendations to customer leadership regarding the security posture impact on the organization
  • Maintain an information security strategy (forward-looking roadmap) for your customer, aligning services / portfolio components to the strategy
  • Ensure the delivery of information security services to the customer is in compliance with the contract and any applicable standards and regulatory requirements (e.g., PCI, SOX)
  • Identify, review and recommend information security improvements as they relate to the achievement of the customer’s business goals and objectives
  • Participate in internal and external audits for the customer (e.g., PCI, SOX) and coordinate information security services activities
  • Manage and drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
  • Identify information security weaknesses and/or gaps in the customer’s current operations and work with the customer to bring information security operations up to standards
What we offer
  • medical, dental, and vision insurance with an employer contribution
  • flexible spending or health savings account
  • life and AD&D insurance
  • short and long term disability coverage
  • paid time off
  • employee assistance
  • participation in a 401k program with company match
  • additional voluntary or legally-required benefits

Cloud / Application Security Architect

The Application Security Assurance Specialist - Principal (P3) is responsible fo...
Location: United Kingdom, London
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • 5+ Years experience in providing technical expertise in managing security frameworks and tools (SAST, DAST, SCA, container security, etc.)
  • Advanced knowledge of application lifecycle management methodologies (Waterfall, Agile, DevSecOps, CI/CD)
  • Strong understanding of compliance with standards such as OWASP Top 10, NIST CSF, and CIS Controls
  • Demonstrated ability to lead security assurance initiatives across complex development environments
  • Proficiency in designing and executing technical assessments and risk evaluations
Job Responsibility
  • Define and enforce embedded security practices across SDLC and CI/CD pipelines, ensuring compliance with organisational security policies and standards
  • Oversee the integration of advanced security tools (e.g., SAST, DAST, SCA, automated secret scanning) with development environments
  • Provide technical guidance on security configuration management, deployment hardening, and secure integration of tooling across all phases of software delivery
  • Conduct in-depth security risk assessments for high- and low-level technical designs, evaluating compliance against OWASP, CIS Benchmarks, and secure coding standards
  • Perform comprehensive security testing across application environments, including API security, container scanning, and dynamic runtime assessments, while evaluating residual risk post-assessment
  • Collaborate with stakeholders to assess the security maturity of existing practices and recommend improvements aligned with compliance requirements and delivery velocity
  • Provide expert-level recommendations on the refinement of automation processes, risk mitigation strategies, and the deployment of compensating controls where necessary
  • Evaluate emerging technologies and leverage AI-driven application security tools to optimise assurance activities
  • Partner with development and DevSecOps teams to embed robust security measures within workflows, ensuring alignment with secure coding standards and organisational priorities
  • Actively engage in the training of development teams, fostering a culture of security awareness and empowering stakeholders to implement best practices
  • Fulltime

Lead Application Security Architect

The Application Security Architect is a senior, influential role responsible for...
Location: United Kingdom; Sweden; Poland, London; Stockholm; Łódź
Salary: Not provided
Arrive
Expiration Date: Until further notice
Requirements
  • 10+ years of experience in technology, with at least 7 years in a dedicated application security or product security role
  • Demonstrated experience designing and implementing a Secure SDLC in a cloud-native environment (GCP, AWS)
  • Hands-on experience with the architecture and strategy of AppSec tools (e.g., Snyk, Checkmarx, Veracode)
  • Experience with securing microservices architectures, APIs, and modern web/mobile applications
  • Experience with securing AI/ML systems
  • A Bachelor’s degree in a relevant field or equivalent professional experience
Job Responsibility
  • Champion and orchestrate the definition of Arrive’s global Secure Software Development Lifecycle (SSDLC), from threat modeling to secure release, in close partnership with key stakeholders across Engineering and IT
  • Develop and maintain a comprehensive set of global security standards, baselines, and guidelines for secure coding, vulnerability management, and secure architecture
  • Create and champion the strategy for our application security tooling, including SAST, DAST, IAST, and Software Composition Analysis (SCA)
  • Define and manage the application security standards for Mergers & Acquisitions, establishing clear requirements and guiding the architectural integration of acquired technologies
  • Act as a lead security consultant and strategic partner for product and engineering teams, providing expert guidance on secure design patterns and vulnerability remediation
  • Forge a dynamic partnership with the Platform Security team: co-design the security tooling roadmap, consume their platforms where they meet global standards, and introduce new architectural patterns where needed
  • Lead security architecture reviews and threat modeling sessions for new applications and high-risk features
  • Act as a senior mentor and advocate for security engineers and champions across the organization, helping to grow our security talent
  • Stay at the forefront of emerging application security threats, with a particular focus on the risks associated with AI/ML systems
  • Collaborate with Data & AI teams to develop security principles and architectural patterns for securely integrating AI into our products
  • Fulltime

Cloud / Application Security Architect

The Application Security Assurance Specialist - Principal is a pivotal role focu...
Location: United Kingdom, London
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • 5+ Years experience in providing technical expertise in managing security frameworks and tools (SAST, DAST, SCA, container security, etc.)
  • Advanced knowledge of application lifecycle management methodologies (Waterfall, Agile, DevSecOps, CI/CD)
  • Strong understanding of compliance with standards such as OWASP Top 10, NIST CSF, and CIS Controls
  • Demonstrated ability to lead security assurance initiatives across complex development environments
  • Proficiency in designing and executing technical assessments and risk evaluations
Job Responsibility
  • Define and enforce embedded security practices across SDLC and CI/CD pipelines, ensuring compliance with organisational security policies and standards
  • Oversee the integration of advanced security tools (e.g., SAST, DAST, SCA, automated secret scanning) with development environments
  • Provide technical guidance on security configuration management, deployment hardening, and secure integration of tooling across all phases of software delivery
  • Conduct in-depth security risk assessments for high- and low-level technical designs, evaluating compliance against OWASP, CIS Benchmarks, and secure coding standards
  • Perform comprehensive security testing across application environments, including API security, container scanning, and dynamic runtime assessments, while evaluating residual risk post-assessment
  • Collaborate with stakeholders to assess the security maturity of existing practices and recommend improvements
  • Provide expert-level recommendations on the refinement of automation processes, risk mitigation strategies, and the deployment of compensating controls
  • Evaluate emerging technologies and leverage AI-driven application security tools to optimise assurance activities
  • Partner with development and DevSecOps teams to embed robust security measures within workflows
  • Actively engage in the training of development teams, fostering a culture of security awareness
What we offer
  • Tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options

Application Security Architect & Engineer

We are looking for an experienced Application Security Architect & Engineer to j...
Location: United States, Richmond
Salary: Not provided
Robert Half
Expiration Date: Until further notice
Requirements
  • Minimum of 5 years of experience in application security or a related field
  • Strong understanding of secure coding practices and vulnerability management
  • Proficiency in programming languages such as JavaScript, Java, C#, and SQL
  • Familiarity with Agile and Scrum methodologies to support secure software development
  • Experience with modern web application architectures, including cloud technologies and APIs
  • Expertise in using application security tools like Acunetix, Veracode, and Splunk
  • Knowledge of compliance standards such as NIST 800-53 and IRS Pub 1075
  • Excellent communication skills to convey technical concepts to both technical and non-technical audiences
Job Responsibility
  • Provide comprehensive security guidance and training to development and operations teams to enhance secure software practices
  • Evaluate application architecture and design to identify security risks and align them with DevSecOps principles
  • Promote and enforce secure coding standards across diverse programming languages such as JavaScript, Java, and C#
  • Conduct detailed reviews of source code to identify vulnerabilities and recommend effective remediation strategies
  • Assess and secure modern web application frameworks, including cloud technologies, APIs, microservices, and client-server models
  • Utilize application security testing tools and platforms, such as Acunetix, Veracode, Jenkins, Splunk, Rapid7, and Tenable, to identify and address security weaknesses
  • Ensure compliance with relevant security regulations and standards, including NIST 800-53 and IRS Pub 1075
  • Develop and maintain System Security Plans (SSPs) to document security policies and procedures effectively
  • Collaborate with cross-functional teams, including QA engineers and operations staff, to integrate security measures into workflows
  • Stay updated on emerging threats, technologies, and industry trends to continuously improve security practices
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • eligibility to enroll in company 401(k) plan

Enterprise Security Architect Sr

Location: United States, Auburn Hills
Salary: Not provided
Volkswagen AG
Expiration Date: Until further notice
Requirements
  • 10+ years’ experience in a combination of Security Architecture, Security Operations, Data Security and Auditing with at least 5 years of experience in Information Technology architecture, planning and execution in complex environments
  • Bachelor’s degree in computer science, Information Technology, or related field or equivalent work experience
  • Certified Information Systems Security Professional (CISSP) certification or equivalent
  • Proven experience as a technical architect in multiple fields of IT (e.g. network, storage, server, client, web/application, cloud, etc.) with the ability to understand security best practices and implications across all fields
  • Strong experience across multiple cybersecurity domains including cloud security, application security, identity & access management, network security, and data protection
  • Hands-on experience implementing modern security architectures
  • Excellent knowledge of cybersecurity risk evaluations for applications and systems
  • Adept in translating security requirements into actionable controls and measures
  • Background in securing on-prem, cloud and hybrid systems in theory and practice, including secure architecture design concepts
  • Understanding of DevOps principles, shift left philosophy
Job Responsibility
  • Design, develop, review and implement security designs for new or existing technology system(s)
  • Establish and maintain trust relationships with the business and project teams through active engagement, clear accountability and expectations, and frequent communication
  • Collaborate with other teams and departments to fit security requirements with other constraints, such as business requirements or technology limitations
  • Support business and project teams with cybersecurity architecture guidance, planning and executing cybersecurity related tasks
  • Provide cybersecurity review and recommendations for system and application designs and architectures as relates to adherence to security principles and company security policies, and develop a security risk management plan for noncompliance
  • Provide input on security requirements to be included in statements of work and other appropriate procurement documents
  • Create and maintain architecture design artifacts such as diagrams and documentation
  • Interpret output of activities such as penetration tests and application security scans, translating into actionable remediation requirements
  • Assist in identifying cybersecurity gaps and recommending remediation solutions, staying abreast of emerging security technologies and trends and applying them where appropriate
  • Provide technical guidance to project team members in areas of security best practice and company security policies
  • Fulltime

Senior Security Architect

Wells Fargo is seeking a Senior Security Architect. We believe in the power of w...
Location: India, Bengaluru
Salary: Not provided
Wells Fargo
Expiration Date: June 26, 2026
Requirements
  • 4+ years of Architecture experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • Strong years of experience in Information Security, Application Security, or Security Architecture
  • Proven experience of 4+ years independently driving threat modeling efforts across applications or platforms is a must
  • Experience working with at least one industry‑recognized threat modeling tool (Microsoft TMT, IriusRisk, ThreatModeler, OWASP Threat Dragon etc.)
  • Solid understanding of OWASP Top 10 and SANS Top 25
  • Secure design principles, common attack vectors, and architectural anti‑patterns
  • Experience with STRIDE or other threat modeling frameworks
  • Working knowledge of MITRE ATT&CK and its relevance to design‑level threats
  • Comfortable reviewing architecture diagrams, design docs, and navigating code repositories (GitHub, TFS, etc.)
  • Hands‑on experience reviewing code manually to identify and mitigate security risks
Job Responsibility
  • Lead in component architecture and participate in enterprise architecture activity
  • Participate in the definition of future technology architecture and strategy
  • Develop and maintain business system and corporate architectures
  • Review and research complex technology and system assessments for component architecture
  • Support implementation of moderate to complex projects and initiatives
  • Produce project architecture designs
  • Ensure applications adhere to established Wells Fargo standards, policies, methodologies and industry best practices
  • Understand compliance and risk management requirements for supported areas
  • Stay ahead of emerging technologies and capabilities in order to prepare and respond to customer needs and expectations
  • Provide in-depth technical and systems consultation to internal clients and technical management to ensure alignment with the Enterprise Architecture
  • Fulltime

Physical Security Application Engineer

The Physical Security Application Engineer operates within the Design & Engineer...
Location: United Kingdom, Camberley
Salary: Not provided
360 Resourcing Solutions
Expiration Date: Until further notice
Requirements
  • Proven experience designing, architecting, and commissioning physical security systems in enterprise or public sector environments
  • Hands-on delivery across enterprise VMS and access control platforms (e.g. Genetec, Milestone, Gallagher), with relevant certifications preferred
  • Strong knowledge of CCTV, access control, IP networking, and infrastructure
  • Experience producing HLDs, LLDs, and full system architecture documentation
  • Familiar with FAT, SAT, and SIT testing processes
  • Solid understanding of Windows Server, enterprise IT environments, and domain infrastructure
  • Working knowledge of integration technologies and security system protocols
  • Networking knowledge to CCNA level or equivalent
Job Responsibility
  • Work closely with clients and stakeholders to capture operational, functional, and technical requirements across the project lifecycle
  • Provide trusted advisory services, helping clients shape their security technology strategy and understand the implications of design and platform decisions
  • Support bids, tenders, and professional services engagements with credible technical input
  • Operate consultatively across all phases of an engagement, not just at the point of delivery
  • Develop High-Level Designs (HLDs) and system architectures during bid and solution stages
  • Produce Stage 4 detailed designs and Low-Level Designs (LLDs) suitable for installation and delivery
  • Design complex, multi-system integrated solutions (CCTV, Access Control, analytics, networks, and supporting infrastructure)
  • Ensure designs incorporate resilience, scalability, cybersecurity, and compliance requirements
  • Act as Design Authority across assigned projects, ensuring all deliverables align to approved designs
  • Provide technical oversight throughout installation, testing, and commissioning phases
  • Fulltime