CrawlJobs Logo
Hewlett Packard Enterprise Logo Hewlett Packard Enterprise · IT - Software Development

AppSec & AI Security Architect

India, Bangalore · Job Posted November 26, 2025
Apply Position
Job Link Share

Job Description

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. HPE’s Cybersecurity organization is where innovation meets trust. This role involves defining secure application architecture patterns, embedding security into the software development lifecycle, conducting architecture risk assessments, and supporting responsible integration of AI technologies.

Job Responsibility

  • Defining and maintaining secure application architecture patterns, reference designs, and reusable components across enterprise and cloud-native ecosystems
  • Performing architecture risk assessments and threat modeling for major application programs, APIs, and platforms
  • Leading adoption of Web Application and API Protection (WAAP) controls and Application Security Posture Management (ASPM) tools to enable continuous risk visibility and compliance
  • Embedding security controls in SDLC and CI/CD pipelines, including SAST, DAST, SCA, IaC, and container scanning
  • Designing and governing security for Kubernetes-based and containerized workloads, including service mesh and runtime protection
  • Developing and enforcing standards for API and microservices security, including authentication, authorization, and token lifecycle management (OAuth2, OIDC, mTLS)
  • Establishing secure-by-default configurations for CI/CD and GitOps pipelines (e.g., ArgoCD, Flux, Jenkins, GitHub Actions)
  • Partnering with engineering teams to design secure cloud-native and hybrid architectures across AWS, Azure, and GCP
  • Providing security guidance for applications leveraging AI/ML or LLM capabilities, such as input/output sanitization, model integrity, and data protection
  • Establishing application security KPIs, governance models, and maturity metrics
  • Contributing to secure SDLC frameworks, DevSecOps enablement, and developer awareness programs
  • Mentoring engineers, developers, and junior architects in secure coding and secure design practices.

Requirements

  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or Engineering
  • 10+ years of experience in application or product security architecture, preferably in large enterprise or SaaS environments
  • Proven expertise in secure application and API design, cloud-native security, and DevSecOps enablement
  • Proven expertise in secure application and API design, WAAP, and ASPM solutions
  • Strong experience with Kubernetes (K8s), containerization, and service mesh architectures
  • Hands-on experience implementing or governing GitOps pipelines and policy-as-code frameworks (e.g., OPA/Gatekeeper, Kyverno)
  • Knowledge of Zero Trust, data protection, and modern identity standards (OIDC, OAuth2)
  • Familiarity with AI/ML security risks, model governance, and responsible AI adoption
  • Deep knowledge of OWASP ASVS, NIST CSF, ISO 27034, and CIS Controls
  • Desired Certifications: CISSP, CSSLP, SABSA, CCSP, CKA (Certified Kubernetes Administrator), or CCSK.

Nice to have

  • Desired Certifications: CISSP, CSSLP, SABSA, CCSP, CKA (Certified Kubernetes Administrator), or CCSK
  • Familiarity with AI/ML security risks, model governance, and responsible AI adoption.

What we offer

  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion.
Hewlett Packard Enterprise - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

AppSec & AI Security Architect

8 matching positions

Lead Application Security Architect

The Application Security Architect is a senior, influential role responsible for...
Location
Location
United Kingdom; Sweden; Poland , London; Stockholm; Łódź
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in technology, with at least 7 years in a dedicated application security or product security role
  • Demonstrated experience designing and implementing a Secure SDLC in a cloud-native environment (GCP, AWS)
  • Hands-on experience with the architecture and strategy of AppSec tools (e.g., Snyk, Checkmarx, Veracode,)
  • Experience with securing microservices architectures, APIs, and modern web/mobile applications
  • Experience with securing AI/ML systems
  • A Bachelor’s degree in a relevant field or equivalent professional experience
Job Responsibility
Job Responsibility
  • Champion and orchestrate the definition of Arrive’s global Secure Software Development Lifecycle (SSDLC), from threat modeling to secure release, in close partnership with key stakeholders across Engineering and IT
  • Develop and maintain a comprehensive set of global security standards, baselines, and guidelines for secure coding, vulnerability management, and secure architecture
  • Create and champion the strategy for our application security tooling, including SAST, DAST, IAST, and Software Composition Analysis (SCA)
  • Define and manage the application security standards for Mergers & Acquisitions, establishing clear requirements and guiding the architectural integration of acquired technologies
  • Act as a lead security consultant and strategic partner for product and engineering teams, providing expert guidance on secure design patterns and vulnerability remediation
  • Forge a dynamic partnership with the Platform Security team: co-design the security tooling roadmap, consume their platforms where they meet global standards, and introduce new architectural patterns where needed
  • Lead security architecture reviews and threat modeling sessions for new applications and high-risk features
  • Act as a senior mentor and advocate for security engineers and champions across the organization, helping to grow our security talent
  • Stay at the forefront of emerging application security threats, with a particular focus on the risks associated with AI/ML systems
  • Collaborate with Data & AI teams to develop security principles and architectural patterns for securely integrating AI into our products
  • Fulltime
Read More
Arrow Right

Security Solution Architect

As a Security Solution Architect at JFrog, you will be a high-impact technical p...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ Years of AppSec & Enterprise Pedigree: Extensive background in Application Security and software supply chain, with a proven history of navigating Fortune 500 environments.
  • Strategic Security Governance: 5–7+ years of experience partnering with IT and governance teams to deploy scalable, robust security programs.
  • Engineering DNA: Deeply rooted in the SDLC
  • expert at integrating security into the developer workflow without sacrificing delivery velocity.
  • Sales Rigor & Methodology: 5–7+ years of Enterprise technical sales experience, leveraging MEDDPICC/Challenger to lead high-stakes Proof of Value (PoV) engagements.
  • Modern Technical Depth: Expert knowledge of DevSecOps, AI, and cloud-native ecosystems, including Kubernetes and CI/CD orchestration.
  • The "Frog" Mindset: A self-starting collaborator who leads with curiosity and humility to bridge internal silos and build lasting trust.
Job Responsibility
Job Responsibility
  • Architect Enterprise Application Security: Lead the design of high-level , enterprise-grade DevSecOps architectures, ensuring JFrog’s security capabilities provide a "Future State" blueprint for our most strategic customers.
  • Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain.
  • Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level strategic ROI and value presentations for CISOs, security & engineering leaders.
  • Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data.
  • Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight JFrog’s unique ability to secure the entire lifecycle.
  • Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos.
  • Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win".
  • Fulltime
Read More
Arrow Right

Application Security Engineer – AI & Cloud

This role is the first dedicated Application Security hire on a growing security...
Location
Location
United States , Minneapolis
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application Security, Security Engineering, DevSecOps, or secure software development
  • Hands-on experience with SAST, DAST, secrets scanning, and dependency review in enterprise environments
  • Strong knowledge of API security — authentication, authorization, transport security, and data handling risks
  • Working knowledge of AWS security fundamentals — IAM, logging, encryption, networking, and secrets management
  • Experience securing or governing AI-assisted development tools such as Cursor, GitHub Copilot, or similar
  • AWS fundamentals including IAM, secrets management, logging, and networking
  • Experience embedding security controls into SDLC and CI/CD pipelines
  • Strong documentation skills — ability to produce defensible standards and audit-ready evidence for NIST and SOC 2
  • Excellent verbal and written communication skills
  • ability to work effectively with developers, architects, and business stakeholders
Job Responsibility
Job Responsibility
  • Own and operate the organization’s SAST and DAST programs end-to-end
  • Design, deploy, tune, and mature SAST and DAST tooling across development and release pipelines
  • Review application code, including AI-generated code, to identify vulnerabilities, insecure patterns, secrets exposure, and data handling risks
  • Partner directly with software developers to triage findings, prioritize remediation, and validate fixes
  • Act as a trusted AppSec partner to engineering, not a gatekeeper
  • Perform application and API security reviews across internally developed and SaaS-integrated systems
  • Evaluate authentication, authorization, transport security, rate limiting, session handling, logging, and data exposure risks
  • Assess externally exposed applications and APIs for secure design and release readiness
  • Support secure AWS application patterns including IAM, secrets management, logging, networking, and containerized workloads
  • Help centralize and improve secrets management using AWS Secrets Manager and enterprise tooling
What we offer
What we offer
  • medical, vision, dental, and life and disability insurance
  • eligibility to enroll in our company 401(k) plan
Read More
Arrow Right

Security Solution Architect

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location
Location
Israel , Netanya/Tel Aviv
Salary
Salary:
Not provided
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ Years of AppSec & Enterprise Pedigree: Extensive background in Application Security and software supply chain, with a proven history of navigating Fortune 500 environments
  • Strategic Security Governance: 5–7+ years of experience partnering with IT and governance teams to deploy scalable, robust security programs
  • Engineering DNA: Deeply rooted in the SDLC
  • expert at integrating security into the developer workflow without sacrificing delivery velocity
  • Sales Rigor & Methodology: 5–7+ years of Enterprise technical sales experience, leveraging MEDDPICC/Challenger to lead high-stakes Proof of Value (PoV) engagements
  • Modern Technical Depth: Expert knowledge of DevSecOps, AI, and cloud-native ecosystems, including Kubernetes and CI/CD orchestration
  • The "Frog" Mindset: A self-starting collaborator who leads with curiosity and humility to bridge internal silos and build lasting trust
Job Responsibility
Job Responsibility
  • Architect Enterprise Application Security: Lead the design of high-level , enterprise-grade DevSecOps architectures, ensuring JFrog’s security capabilities provide a "Future State" blueprint for our most strategic customers
  • Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain
  • Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level strategic ROI and value presentations for CISOs, security & engineering leaders
  • Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data
  • Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight JFrog’s unique ability to secure the entire lifecycle
  • Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos
  • Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win"
  • Fulltime
Read More
Arrow Right

Security Solution Architect

As a Security Solution Architect at JFrog, you will be a high-impact technical p...
Location
Location
United States
Salary
Salary:
200000.00 - 210000.00 USD / Year
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ Years of AppSec & Enterprise Pedigree: Extensive background in Application Security and software supply chain, with a proven history of navigating Fortune 500 environments
  • Security Governance: 5–7+ years of experience partnering with IT and governance teams to deploy scalable, robust security programs
  • Engineering DNA: Deeply rooted in the SDLC
  • expert at integrating security into the developer workflow without sacrificing delivery velocity
  • Sales Rigor & Methodology: 5–7+ years of Enterprise technical sales experience, leveraging MEDDPICC/Challenger to lead high-stakes Proof of Value (PoV) engagements
  • Modern Technical Depth: Expert knowledge of DevSecOps, AI, and cloud-native ecosystems, including Kubernetes and CI/CD orchestration
  • The "Frog" Mindset: A self-starting collaborator who leads with curiosity and humility to bridge internal silos and build lasting trust
Job Responsibility
Job Responsibility
  • Architect Enterprise Application Security: Lead the design of high-level, enterprise-grade DevSecOps architectures, ensuring JFrog's security capabilities provide a "Future State" blueprint for our customers
  • Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain
  • Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level ROI and value presentations for CISOs, security & engineering leaders
  • Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data
  • Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight JFrog's unique ability to secure the entire lifecycle
  • Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos
  • Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win"
What we offer
What we offer
  • medical
  • dental
  • vision
  • retirement
  • wellness
  • equity package of restricted stock units (RSU)
  • Employee Stock Purchase Plan
  • discretionary bonuses or commission payments
  • Fulltime
Read More
Arrow Right

Security Developer

Are you a Security Developer with experience designing, developing, and architec...
Location
Location
Canada , Calgary
Salary
Salary:
55.00 - 70.00 USD / Hour
https://www.randstad.com Logo
Randstad
Expiration Date
June 27, 2026
Flip Icon
Requirements
Requirements
  • Top Skills: Custom Code Gating and Automation: Automatically scan code for vulnerabilities before it's deployed, stopping risky code instantly and giving developers immediate, helpful feedback.
  • AI Vulnerability Remediation and Visibility: Use new AI tools to quickly find and fix security issues, drastically reducing the manual effort from our development teams across CXT.
  • Complete Software Inventory (SBOM): Create an automated, comprehensive list of all software components we use to quickly identify and manage risk from new vulnerabilities or license issues.
  • Secure Development Assurance: Focuses on maturing foundational initiatives like the AppSec portal, security champions program, and targeted developer training to cultivate a proactive security culture and streamline critical processes.
  • Measurable Security Performance: Define clear metrics to track how well our security controls are working and establish a standardized framework for security testing to ensure consistent compliance and high quality.
Job Responsibility
Job Responsibility
  • Design, develop, and architect scalable security features and identity adapters, ensuring Security-by-Design is baked into the product lifecycle from inception to sunset.
  • Engineer and automate application security testing (SAST/DAST/SCA) within CI/CD pipelines to identify vulnerabilities at scale, rather than just performing manual scans.
  • Lead Security Architecture Reviews for complex client identity flows, providing authoritative guidance on OIDC, OAuth 2.0, and JWT implementation and vulnerability remediation.
  • Define the standardized security control library for the organization and verify the effectiveness of these controls through automated validation.
  • Review application architecture from a security perspective and provide technical guidance on vulnerability remediation.
  • Assist departments in assessing, selecting, implementing, and verifying the effectiveness of security controls.
  • Engineer and deploy of Automated Security Validation (ASV) frameworks that programmatically exploit identified vulnerabilities.
  • Design scalable 'Security-as-Code' suites to verify control effectiveness across the enterprise CI/CD pipelines, providing automated, evidence-based risk reporting to stakeholders
  • Operationalize Threat Modeling across the engineering org by establishing STRIDE-based standards and mentoring junior developers to lead their own sessions.
  • Influence organizational security culture by developing secure coding standards and leading "Security Champion" programs.
  • Fulltime
!
Read More
Arrow Right

Senior Platform Security Engineer

We are looking for a security-minded engineer to join our Tech Foundations team....
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
multiverse.io Logo
Multiverse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A "Builder" Mindset: strong coding and scripting skills (e.g., Python, TypeScript/Node) and a passion for automating everything
  • Cloud & Infrastructure Experience: experience building and securing modern cloud-native infrastructure, including CI/CD pipelines (like GitHub Actions), cloud environments (AWS/Azure), and Infrastructure as Code (like Terraform)
  • Application Security Knowledge: solid understanding of the AppSec landscape and practical experience integrating tools (SAST, DAST, SCA) into developer workflows
  • A Collaborative Partner: excellent communication skills, enjoy collaborating with engineering teams and translating complex security concepts into clear guidance
  • Observability-Driven: experience using security and monitoring platforms (like Datadog) to detect and respond to threats
Job Responsibility
Job Responsibility
  • Architect Secure Foundations: help the platform team to own the security of our developer platform, including designing, building, and maintaining security controls and services within our CI/CD pipelines
  • Secure Our Infrastructure as Code (IaC): Partner with your Platform teammates to be the subject matter expert for securing our Terraform modules and cloud environments (AWS, Azure), focusing on preventing misconfigurations before they're deployed
  • Incident Response and Operations: Participate in the team's on-call rotation, including out-of-hours coverage to support platform availability and security, assist in troubleshooting critical issues, lead the response for security-specific incidents, drive post-mortems focused on learning and preventing recurrence
  • Build a Secure "Paved Road": Seamlessly integrate and orchestrate security testing (SAST, DAST, SCA, container scanning) into developer workflows
  • Enable Vulnerability Remediation: Develop tools and processes to help engineering teams triage, prioritise, and remediate vulnerabilities
  • Implement Platform-Level Detection: Leverage our cloud security and observability platforms to build robust, automated threat detection and response capabilities for the platform itself
  • Be a Security Partner: In partnership with Infosec team, act as a primary security consultants for our developers, provide expert guidance on secure coding (Elixir, TypeScript/Node, Python), secret management, and securing our event-driven architecture and AI services
  • Govern Emerging Technologies: Help architect and implement our AI Management System, ensuring our innovative AI services are built on a secure foundation that meets governance standards like ISO42001
What we offer
What we offer
  • Time off - 27 days holiday, plus 5 additional days off: 1 life event day, 2 volunteer days, 2 company-wide wellbeing days (M-Powered Weekend) and 8 bank holidays per year
  • Health & Wellness- private medical Insurance with Bupa, a medical cashback scheme, life insurance, gym membership & wellness resources through Wellhub and access to Spill - all in one mental health support
  • Hybrid work offering - for most roles we collaborate in the office three days per week
  • Work-from-anywhere scheme - you'll have the opportunity to work from anywhere, up to 10 days per year
  • Space to connect: Beyond the desk, we make time for weekly catch-ups, seasonal celebrations, and have a kitchen that’s always stocked!
  • Fulltime
Read More
Arrow Right

Supply Teaching Assistant

Are you passionate about education and eager to support student's learning and d...
Location
Location
United Kingdom , Redhill
Salary
Salary:
80.00 GBP / Day
https://www.randstad.com Logo
Randstad
Expiration Date
July 01, 2026
Flip Icon
Requirements
Requirements
  • A genuine passion for supporting student's educational growth and development
  • Excellent communication skills and the ability to build positive relationships with students and staff
  • Previous experience in an educational setting or relevant qualifications is advantageous
  • Flexibility, adaptability, and a proactive approach to assisting in classroom activities
  • Compliance with DBS checks and eligibility to work in the UK
Job Responsibility
Job Responsibility
  • Work collaboratively with the class teacher, providing invaluable support in various classroom activities
  • Offer one-on-one guidance to small group sessions
  • Assist in creating an engaging and inclusive learning environment
What we offer
What we offer
  • Versatile engagement with diverse learners
  • Competitive compensation
  • Professional development and training opportunities
  • Supportive environment
  • Rewarding experience making a difference in young minds and futures
!
Read More
Arrow Right