CrawlJobs Logo

Application Security Architect

daleyaa.com Logo

Daley and Associates

Location Icon

Location:
United States , Boston

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

70.00 - 80.00 USD / Hour
Save Job
Save Icon
Apply Position

Job Description:

We are seeking an experienced Application Security Architect to lead and enhance secure application and cloud-native architecture practices across the organization. This role is responsible for performing application architecture security reviews, leading security risk assessments, defining secure development standards, and partnering closely with engineering and infrastructure teams to integrate security throughout the software development lifecycle (SDLC). The ideal candidate combines deep technical expertise in application and cloud security with strong communication and leadership skills. This individual will serve as a trusted advisor to development, DevOps, infrastructure, and security teams, helping to design and implement scalable, secure solutions in modern containerized and API-driven environments. This is a highly collaborative role with the opportunity to influence enterprise security strategy, modern DevSecOps practices, and secure cloud adoption initiatives.

Job Responsibility:

  • Conduct security architecture reviews for new and existing applications, APIs, and cloud-native services to identify risks and recommend mitigation strategies
  • Lead application security risk assessments and threat modeling exercises for critical business applications and platforms
  • Define and maintain secure application architecture standards, reference patterns, and security best practices
  • Guide secure design principles, authentication and authorization models, encryption, secrets management, and secure API development
  • Design and implement security controls for containerized and Kubernetes-based environments, including OpenShift and Azure Kubernetes Service (AKS)
  • Support secure container runtime practices using technologies such as Docker and Podman
  • Collaborate with infrastructure and platform engineering teams to strengthen cloud-native security posture across Azure environments
  • Evaluate and recommend security tooling and controls for Kubernetes, container security, workload protection, and runtime monitoring
  • Partner with development and DevOps teams to integrate automated security controls into CI/CD pipelines and software delivery processes
  • Support secure development lifecycle (SDLC) initiatives, including security testing, code review processes, and vulnerability remediation workflows
  • Establish and maintain software supply chain security practices, including Software Composition Analysis (SCA), open source governance, and vulnerability management using tools such as NexusIQ or similar platforms
  • Guide Infrastructure-as-Code (IaC) security and deployment best practices
  • Implement and support API security controls and governance practices using enterprise API management and security solutions
  • Lead implementation and operational adoption of application protection technologies, including Runtime Application Self-Protection (RASP) solutions such as Contrast Protect
  • Collaborate with teams to improve application observability, logging, and runtime threat detection capabilities
  • Develop and maintain application security policies, standards, and procedures aligned with industry frameworks and regulatory requirements
  • Partner with development teams to remediate vulnerabilities and improve overall security maturity
  • Deliver security guidance, mentoring, and awareness training to engineering and operational teams
  • Stay current on emerging threats, vulnerabilities, technologies, and industry trends to continuously improve the organization's security posture

Requirements:

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field
  • 7+ years of experience in application security, including security architecture reviews, threat modeling, and risk assessments
  • Strong knowledge of secure software development practices and modern application security principles
  • Experience securing containerized and Kubernetes-based environments, including OpenShift and/or AKS
  • Experience integrating security into CI/CD pipelines and DevSecOps workflows using platforms such as Jenkins and Azure DevOps
  • Hands-on experience with application security testing methodologies and tools, including: Static Application Security Testing (SAST)
  • Dynamic Application Security Testing (DAST)
  • Software Composition Analysis (SCA)
  • Penetration testing and vulnerability assessment
  • Experience implementing and managing API security controls and API management platforms
  • Strong understanding of OWASP Top 10, NIST, CIS benchmarks, and secure architecture principles
  • Excellent analytical, communication, and problem-solving skills with the ability to collaborate across technical and business teams

Nice to have:

  • Experience with tools such as Traceable, NexusIQ, Contrast Protect, or equivalent enterprise security platforms
  • Experience securing Microsoft Azure cloud environments and cloud-native architectures
  • Familiarity with Infrastructure-as-Code (Terraform, Helm, Bicep) and related security controls
  • Knowledge of Kubernetes policy enforcement, container runtime security, and software supply chain security practices
  • Experience securing AI-enabled platforms and Model Context Protocol (MCP) environments, including governance, secure tool integration, identity controls, and protection of sensitive data and model interactions, is a plus
  • Relevant industry certifications such as: CISSP
  • CCSP
  • CSSLP
  • OSCP
  • GIAC security certifications
  • Kubernetes security certifications

Additional Information:

Job Posted:
May 11, 2026

Work Type:
Hybrid work
Icon
Daley and Associates - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Application Security Architect

Senior Application Security Architect

The Information Security Operations (ISO) Sr Manager is a senior management leve...
Location
Location
Mexico , Ciudad De Mexico
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of relevant experience
  • Knowledge of Scripting and Programming Languages preferred
  • Demonstrated ability to interpret and apply information security policies, standards and procedures
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • English Advance Domain, fluently speaking and writing
  • Communication skills to explain security controls required for the solutions in a clear and concise manner to non-technology stakeholders
  • Project coordination, give track end to end to all the approval and presentation process
  • Correct comprehension technical and business requirements of the solutions to be explained in IS Global Committees
Job Responsibility
Job Responsibility
  • Support the implementation of Information Security (IS) Training Plan, by verifying training participants completed the training and understand IS requirements
  • Coordinate with cross-functional Operations and Technology (O&T) counterparts and teams to improve O&T risk oversight
  • Attend and participate in internal/external IS forums and risk committees when necessary and provide IS updates to the business
  • Ensure stakeholders are held accountable for IS controls, and understand responsibilities in risk mitigation and remediation
  • Improve processes, remove IS deficiencies and enhance current tools that reduce an overall risk profile
  • Ensure security practices and standards compliance to reduce the likelihood of audit, regulatory and legal liabilities and reduce security risks by enhancing controls and minimizing weaknesses in Citi’s applications portfolio
  • Ensure non-compliant items are addressed through coordination with Business Manager and business staff
  • Support the Global Information Security (GIS) policies, standards, and initiatives development and implementation
  • Provide guidance on IS aspects of projects in support of business initiatives
  • Establish communication channels with cross-sector ISOs to efficiently tackle security issues that span multiple businesses
  • Fulltime
Read More
Arrow Right

AppSec & AI Security Architect

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or Engineering
  • 10+ years of experience in application or product security architecture, preferably in large enterprise or SaaS environments
  • Proven expertise in secure application and API design, cloud-native security, and DevSecOps enablement
  • Proven expertise in secure application and API design, WAAP, and ASPM solutions
  • Strong experience with Kubernetes (K8s), containerization, and service mesh architectures
  • Hands-on experience implementing or governing GitOps pipelines and policy-as-code frameworks (e.g., OPA/Gatekeeper, Kyverno)
  • Knowledge of Zero Trust, data protection, and modern identity standards (OIDC, OAuth2)
  • Familiarity with AI/ML security risks, model governance, and responsible AI adoption
  • Deep knowledge of OWASP ASVS, NIST CSF, ISO 27034, and CIS Controls
  • Desired Certifications: CISSP, CSSLP, SABSA, CCSP, CKA (Certified Kubernetes Administrator), or CCSK.
Job Responsibility
Job Responsibility
  • Defining and maintaining secure application architecture patterns, reference designs, and reusable components across enterprise and cloud-native ecosystems
  • Performing architecture risk assessments and threat modeling for major application programs, APIs, and platforms
  • Leading adoption of Web Application and API Protection (WAAP) controls and Application Security Posture Management (ASPM) tools to enable continuous risk visibility and compliance
  • Embedding security controls in SDLC and CI/CD pipelines, including SAST, DAST, SCA, IaC, and container scanning
  • Designing and governing security for Kubernetes-based and containerized workloads, including service mesh and runtime protection
  • Developing and enforcing standards for API and microservices security, including authentication, authorization, and token lifecycle management (OAuth2, OIDC, mTLS)
  • Establishing secure-by-default configurations for CI/CD and GitOps pipelines (e.g., ArgoCD, Flux, Jenkins, GitHub Actions)
  • Partnering with engineering teams to design secure cloud-native and hybrid architectures across AWS, Azure, and GCP
  • Providing security guidance for applications leveraging AI/ML or LLM capabilities, such as input/output sanitization, model integrity, and data protection
  • Establishing application security KPIs, governance models, and maturity metrics
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion.
  • Fulltime
Read More
Arrow Right

Principal Security Architect

As a Security Architect, your role involves designing, reviewing, and enhancing ...
Location
Location
United States , San Francisco
Salary
Salary:
164000.00 - 290000.00 USD / Year
ethoslife.com Logo
Ethos
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in Information Security with at least 2 years as a Security Architect
  • Bachelor’s Degree in Computer Science or related field, or an additional 3 years of pertinent work involvement preferred
  • Strong knowledge of prevalent security architectures, frameworks, standards and emerging threats along with strategies and technologies for defense
  • Deep understanding of network protocols, operating systems, databases, applied cryptography, least privilege, zero trust principles, identity & access management, and other core information security concepts
  • Expertise in cloud computing and its associated best security practices encompassing applications, infrastructure, storage, platforms, and data security
  • Ability to conduct threat modeling and risk assessments
  • Ability to come into our San Francisco, CA office once a week
Job Responsibility
Job Responsibility
  • Conduct Threat Modeling & Architectural Assessments to cover all Information Security domains to ensure Security by Design
  • Assess technologies and solutions to develop and enrich security capabilities
  • Identify security gaps and communicate associated business risks to relevant stakeholders
  • Craft solutions that harmonize business needs with security and compliance requirements
  • Verify the effectiveness of security controls in mitigating identified risks
  • Assist engineering projects across the Software Development Life Cycle (SDLC) and collaborate to prioritize product security elements effectively
  • Apply expertise in information security and application development to instigate organizational shifts aimed at managing and resolving security weaknesses and vulnerabilities
  • Contribute to the creation of security policies, standards, and guidelines
  • Devise and implement frameworks for data classification, retention, and disposal to ensure alignment with data privacy regulations
  • Spearhead initiatives for data security awareness and training
  • Fulltime
Read More
Arrow Right

Application Security Engineer

In the HPE Hybrid Cloud, we lead the innovation agenda and technology roadmap fo...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of experience in application security, including hands-on experience with security testing tools and techniques
  • Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities and secure coding practices
  • Experience with security testing tools such as Burp Suite, OWASP ZAP, and code analysis tools like SonarQube or Checkmarx, Snyk
  • Proficiency in at least one programming language (e.g., Java, Python, JavaScript) and ability to review and understand code
  • Familiarity with software development methodologies (e.g., Agile, DevOps) and their impact on security practices
  • Excellent analytical and problem-solving skills, with attention to detail
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams
  • Certifications such as CISSP, CEH, or CASE (Java), or equivalent
  • Demonstrated ability to work independently and prioritize tasks in a fast-paced environment
Job Responsibility
Job Responsibility
  • Conduct thorough security assessments of applications, identifying vulnerabilities and weaknesses in code, architecture, and configurations
  • Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards are followed
  • Perform regular security testing, including static code analysis, dynamic application scanning, and penetration testing, to identify and mitigate security risks
  • Analyze security incidents and provide timely response and remediation actions to mitigate potential threats
  • Develop and maintain security documentation, including security requirements, design documents, and security testing reports
  • Assist in the design and implementation of security controls and mechanisms to protect sensitive data and critical systems
  • Stay up-to-date with emerging security threats and industry best practices, and recommend security enhancements and controls accordingly
  • Provide security guidance and support to cross-functional teams, including developers, architects, and project managers
  • Participate in security reviews and audits, ensuring compliance with security policies, standards, and regulatory requirements
  • Collaborate with third-party vendors and partners to assess the security posture of integrated systems and applications
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Application Security Engineer / Analyst

Core Responsibilities: Perform Web Application and API Security testing aligned ...
Location
Location
India , Chennai, Bangalore
Salary
Salary:
Not provided
ambconline.com Logo
AMBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
  • Work Experience 3 to 6 years
Job Responsibility
Job Responsibility
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
Read More
Arrow Right

Enterprise Security Architect

Enterprise Security Architect role at HPE's Cybersecurity team responsible for d...
Location
Location
United States , Spring
Salary
Salary:
117500.00 - 270000.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years in security architecture, solution architecture, or related roles in large, complex enterprises
  • Deep experience with on-premises infrastructure security (data centers, networks, OT/ICS, mainframes, Windows/Linux servers)
  • Strong knowledge of cloud security (AWS/Azure/GCP) and hybrid architecture models
  • Detailed understanding of enterprise security domains: identity and access, network security, data protection, and application security
  • In-depth experience with security frameworks (NIST CSF, ISO 27001, CIS Controls, OWASP)
  • Bachelor's or master's degree in computer science, Engineering, Cybersecurity, or related field
  • Certifications such as CISSP, SABSA, TOGAF, CCSK, or CCSP are a plus
Job Responsibility
Job Responsibility
  • Define and maintain enterprise security reference architectures, patterns, and standards for on-prem, hybrid, and cloud environments
  • Conduct architecture risk assessments and security design reviews for major technology programs
  • Design secure architectures for data centers, networks, servers, OT/ICS, IT infrastructure and legacy business platforms
  • Guide the secure modernization of on-prem workloads and public cloud platforms (AWS/Azure/GCP)
  • Drive Zero Trust principles and identity-centric security models across enterprise systems
  • Establish design patterns for data classification, encryption, and data loss prevention
  • Provide security guidance for emerging AI/ML platforms and use cases, including data privacy, model security, and responsible use
  • Partner with enterprise architects, engineering teams, infrastructure, and compliance to embed security early in designs
  • Act as a trusted advisor to technology leaders and mentor engineers on secure design practices
  • Practice champion secure-by-design thinking and drive adoption across the enterprise
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Google Cloud Platform Cloud Security Architect

Location
Location
United States , Roswell
Salary
Salary:
Not provided
synkriom.com Logo
Synkriom
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of prior experience in IT in network security, information security and infrastructure in a high-tech environment
  • 5+ years architecting and implementing security and DevSecOps on public cloud solutions (AWS or Google Cloud Platform)
  • Work experience as a Cloud Security Architect or similar role in a cloud native environment
  • Deep hands-on experience leading the design and deployment of technology infrastructure and associated security controls
  • Experience in solutions for data security, data masking, data classification, data anonymization
Job Responsibility
Job Responsibility
  • Provide domain expertise around public cloud and enterprise technology
  • Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environments (AWS/AzureP)
  • Update security tools for logging/monitoring and growing coverage of existing tools
  • Make recommendations to management on enhancements to existing and new security software or related tools
  • Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current tool sets
  • Help implement and maintain next-generation enterprise protection tools and malware detection technologies
  • Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration and implementations
  • Make recommendation on secure integration strategies, global enterprise architectures and application infrastructure based on best practices
  • Develop security architecture strategies that align to enterprise architecture strategy and that of the business strategy for cloud
  • Develop in depth security architecture standards, frameworks and design patters spanning all layers of security in the cloud from host, server and network to application and data security
Read More
Arrow Right

Network and Security Architect - SASE

We are seeking a highly skilled and experienced Network and Security Architect w...
Location
Location
Poland , Łódź
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in network and security architecture, with a strong focus on cloud security
  • 5+ years of hands-on experience designing, deploying, and managing large-scale ZTNA and SASE solutions in enterprise environments
  • Deep understanding and practical experience with leading SASE vendor platforms (e.g., Zscaler, Palo Alto Networks Prisma Access, Fortinet FortiSASE, Netskope, etc.)
  • Proven expertise in Zero Trust principles and their practical implementation across various layers (identity, device, application, data)
  • Strong knowledge of networking protocols (TCP/IP, BGP, OSPF, DNS, HTTP/S), VPN technologies (IPsec, SSL VPN), and network security concepts (firewalls, IDS/IPS, WAF)
  • Experience with cloud platforms (Azure, AWS, GCP) and their security services
  • Proficiency in identity and access management (IAM) concepts and technologies (SAML, OAuth, OpenID Connect, MFA)
  • Excellent analytical, problem-solving, and decision-making skills
  • Strong communication, presentation, and interpersonal skills with the ability to influence and persuade stakeholders at all levels
  • Ability to work independently and as part of a global, cross-functional team
Job Responsibility
Job Responsibility
  • Lead the design, development, and evolution of Bosch's global ZTNA and SASE architecture, ensuring alignment with industry best practices, regulatory requirements, and Bosch's security policies
  • Define architectural patterns, standards, and blueprints for ZTNA and SASE components, including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Firewall-as-a-Service (FWaaS), Zero Trust Network Access (ZTNA), Data Loss Prevention (DLP), and advanced threat protection
  • Evaluate and recommend new technologies, vendors, and solutions within the ZTNA/SASE ecosystem to enhance Bosch's security capabilities and optimize performance
  • Develop and maintain the architectural roadmap for ZTNA and SASE, forecasting future needs and anticipating technological shifts
  • Oversee the end-to-end deployment of ZTNA and SASE solutions, including planning, design, implementation, testing, and go-live
  • Collaborate with network engineering, security operations, application development, and business units to ensure seamless integration of ZTNA/SASE with existing IT infrastructure and applications
  • Define integration strategies for identity providers (e.g., Azure AD), endpoint security solutions, and other security tools
  • Provide expert guidance and technical leadership to implementation teams and external vendors
  • Translate high-level security requirements into detailed ZTNA and SASE policies, rules, and configurations
  • Develop and enforce security standards and guidelines for secure access, data protection, and threat prevention within the SASE framework
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Complex environment of working, professional support and possibility to share knowledge and best practices
  • Ongoing development opportunities in a multinational environment
  • Broad access to professional trainings (incl. language courses), conferences and webinars
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Fulltime
Read More
Arrow Right