CrawlJobs Logo

Lead Enterprise AppSec Architect

United States, Saint Petersburg · Job Posted March 12, 2026
Apply Position
Job Link Share

Job Description

The Raymond James Enterprise Application Security Architecture team is seeking a Lead Security Architect to strengthen our organization’s security posture by focusing on secure design reviews, threat modeling, and vulnerability remediation. This role is integral to ensuring our applications and systems meet the highest security standards. The ideal candidate will be highly skilled in identifying, analyzing, and mitigating security risks, as well as collaborating with development teams to remediate vulnerabilities in both design and code effectively. Additionally, the position involves creating secure reference architectures informed by design reviews and industry best practices.

Job Responsibility

  • Lead secure design reviews and threat modeling exercises for new applications, features, and architectural changes, ensuring adherence to industry standards, regulatory requirements, and organizational security policies
  • Collaborate with development teams to identify and remediate vulnerabilities in application code and system designs, providing hands-on guidance and actionable recommendations
  • Create and maintain secure reference architectures to serve as a foundation for implementing secure systems, applications, and solutions aligned with the organization's specific needs and technologies
  • Act as a trusted advisor to development teams, integrating security considerations into the software development lifecycle and promoting secure coding practices
  • Assess conformance with architectural standards, focusing on reducing technical debt and optimizing enterprise assets such as systems, services, and information
  • Provide technical expertise on security matters, including encryption, identity and access management, and secure communication protocols
  • Stay current with emerging security threats, trends, and best practices, applying relevant insights to enhance the organization's security posture
  • Collaborate with cross-functional teams, including infrastructure, DevOps tooling, and compliance, to align security measures with organizational goals and ensure seamless integration
  • Support security incident response efforts by contributing architectural expertise and defense-in-depth strategies as needed
  • Perform other duties and responsibilities as assigned, including occasional non-standard shifts or on-call

Requirements

  • 7+ years of experience in an application security engineering or architecture role, with a demonstrated focus on secure design reviews, threat modeling, and vulnerability management
  • In-depth knowledge of web application security principles, secure coding practices, and addressing common vulnerabilities (e.g., OWASP Top 10)
  • Proficiency in designing secure architectures for on-premises and cloud (e.g. AWS, Azure) environments
  • Strong understanding of OAuth, authentication, and authorization mechanisms, including multi-factor authentication, single sign-on, and emerging technologies like password-less authentication
  • Experience in encryption technologies, such as certificate-based and token-based cryptography
  • Familiarity with network protocols, topologies, incident response, and defense-in-depth strategies
  • Understanding of SAST, DAST, and SCA scanning tool capabilities
  • Experience integrating application security controls into automated CI/CD pipelines
  • Exceptional communication skills, capable of bridging the gap between technical and business stakeholders
  • The ability to quickly acquire relevant business acumen is essential
  • Bachelor’s: Computer and Information Science (Required), Bachelor’s: Information Technology
  • General Experience - 6 to 10 years, Manager Experience - 3 to 6 years

Nice to have

Financial services experience is a plus but not required.

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Lead Enterprise AppSec Architect

8 matching positions

Senior Application Security Engineer (SCA/SAST)

At Trimble, we aren't just building software; we're transforming the way the wor...
Location
Location
United Kingdom
Salary
Salary:
Not provided
trimble.com Logo
Trimble Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in AppSec with a deep, battle-tested mastery of SCA and SAST implementation at an enterprise level
  • You speak the language of developers. Whether it's Java, C#, Python, or Go, you can read the code and provide real remediation paths
  • You live in the pipeline. You have hands-on experience with GitHub Actions, Jenkins, Azure DevOps, or GitLab CI
  • You can translate 'security risk' into 'business value' for stakeholders and 'clear action' for engineers
  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience
Job Responsibility
Job Responsibility
  • Act as the global SME for SCA and SAST, turning complex security requirements into scalable, automated solutions
  • Optimize our security tooling to be 'developer-first,' slashing false positives and focusing engineering energy on what truly matters
  • Shape the organizational approach to open-source security and license compliance
  • Embed security into the DNA of the SDLC by collaborating with architects and product owners worldwide
  • Automate everything. You'll build the 'guardrails' that allow our developers to move fast without breaking things
  • Mentor the next generation of security talent and lead through influence across cross-functional teams
  • Stay ahead of the curve. You'll evaluate emerging security tech and proactively keep Trimble at the cutting edge
  • Conduct threat modeling and architectural reviews to kill vulnerabilities before they are ever coded
  • Fulltime
Read More
Arrow Right

Security Solution Architect

As a Security Solution Architect at JFrog, you will be a high-impact technical p...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ Years of AppSec & Enterprise Pedigree: Extensive background in Application Security and software supply chain, with a proven history of navigating Fortune 500 environments.
  • Strategic Security Governance: 5–7+ years of experience partnering with IT and governance teams to deploy scalable, robust security programs.
  • Engineering DNA: Deeply rooted in the SDLC
  • expert at integrating security into the developer workflow without sacrificing delivery velocity.
  • Sales Rigor & Methodology: 5–7+ years of Enterprise technical sales experience, leveraging MEDDPICC/Challenger to lead high-stakes Proof of Value (PoV) engagements.
  • Modern Technical Depth: Expert knowledge of DevSecOps, AI, and cloud-native ecosystems, including Kubernetes and CI/CD orchestration.
  • The "Frog" Mindset: A self-starting collaborator who leads with curiosity and humility to bridge internal silos and build lasting trust.
Job Responsibility
Job Responsibility
  • Architect Enterprise Application Security: Lead the design of high-level , enterprise-grade DevSecOps architectures, ensuring JFrog’s security capabilities provide a "Future State" blueprint for our most strategic customers.
  • Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain.
  • Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level strategic ROI and value presentations for CISOs, security & engineering leaders.
  • Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data.
  • Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight JFrog’s unique ability to secure the entire lifecycle.
  • Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos.
  • Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win".
  • Fulltime
Read More
Arrow Right

Security Solution Architect

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location
Location
Israel , Netanya/Tel Aviv
Salary
Salary:
Not provided
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ Years of AppSec & Enterprise Pedigree: Extensive background in Application Security and software supply chain, with a proven history of navigating Fortune 500 environments
  • Strategic Security Governance: 5–7+ years of experience partnering with IT and governance teams to deploy scalable, robust security programs
  • Engineering DNA: Deeply rooted in the SDLC
  • expert at integrating security into the developer workflow without sacrificing delivery velocity
  • Sales Rigor & Methodology: 5–7+ years of Enterprise technical sales experience, leveraging MEDDPICC/Challenger to lead high-stakes Proof of Value (PoV) engagements
  • Modern Technical Depth: Expert knowledge of DevSecOps, AI, and cloud-native ecosystems, including Kubernetes and CI/CD orchestration
  • The "Frog" Mindset: A self-starting collaborator who leads with curiosity and humility to bridge internal silos and build lasting trust
Job Responsibility
Job Responsibility
  • Architect Enterprise Application Security: Lead the design of high-level , enterprise-grade DevSecOps architectures, ensuring JFrog’s security capabilities provide a "Future State" blueprint for our most strategic customers
  • Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain
  • Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level strategic ROI and value presentations for CISOs, security & engineering leaders
  • Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data
  • Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight JFrog’s unique ability to secure the entire lifecycle
  • Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos
  • Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win"
  • Fulltime
Read More
Arrow Right

Security Solution Architect

As a Security Solution Architect at JFrog, you will be a high-impact technical p...
Location
Location
United States
Salary
Salary:
200000.00 - 210000.00 USD / Year
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ Years of AppSec & Enterprise Pedigree: Extensive background in Application Security and software supply chain, with a proven history of navigating Fortune 500 environments
  • Security Governance: 5–7+ years of experience partnering with IT and governance teams to deploy scalable, robust security programs
  • Engineering DNA: Deeply rooted in the SDLC
  • expert at integrating security into the developer workflow without sacrificing delivery velocity
  • Sales Rigor & Methodology: 5–7+ years of Enterprise technical sales experience, leveraging MEDDPICC/Challenger to lead high-stakes Proof of Value (PoV) engagements
  • Modern Technical Depth: Expert knowledge of DevSecOps, AI, and cloud-native ecosystems, including Kubernetes and CI/CD orchestration
  • The "Frog" Mindset: A self-starting collaborator who leads with curiosity and humility to bridge internal silos and build lasting trust
Job Responsibility
Job Responsibility
  • Architect Enterprise Application Security: Lead the design of high-level, enterprise-grade DevSecOps architectures, ensuring JFrog's security capabilities provide a "Future State" blueprint for our customers
  • Provide product in-depth Leadership: Serve as the primary technical authority for deep-dive customer sessions, demonstrating "under-the-hood" knowledge of application security, binary-level analysis, ML/AI security, and the intricacies of the modern software supply chain
  • Drive Executive & Technical Command: Navigate seamlessly between deep-dive technical remediation whiteboarding with Security Engineers and high-level ROI and value presentations for CISOs, security & engineering leaders
  • Lead the Field-to-Product Innovation Loop: Systematically capture field use cases and technical gaps to work closely with Product and Engineering, ensuring our roadmap evolves based on real-world enterprise data
  • Execute Competitive Strategy: Lead & master the technical displacement of legacy and modern AppSec players by developing "Win Themes" that highlight JFrog's unique ability to secure the entire lifecycle
  • Scale Through Cross-Functional Enablement: Mentor the broader Solutions Engineering team to raise the organization's collective "Security IQ" by creating reusable architectural patterns, discovery playbooks and demos
  • Optimize Post-Sales Adoption: Partner with Customer Success to analyze how customers operationalize our security products, identifying friction points to improve long-term retention and the "Technical Win"
What we offer
What we offer
  • medical
  • dental
  • vision
  • retirement
  • wellness
  • equity package of restricted stock units (RSU)
  • Employee Stock Purchase Plan
  • discretionary bonuses or commission payments
  • Fulltime
Read More
Arrow Right

Senior Java Developer

We're seeking a seasoned Senior Java Developer with 5+ years of experience to le...
Location
Location
Canada , Mississauga
Salary
Salary:
94300.00 - 141500.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of progressive experience building enterprise systems, with 7+ years in Java and Spring at scale
  • Proven delivery of cloud-native, microservices, and event-driven architectures
  • Strong expertise in Java 11/17+, Spring Boot, Spring Cloud
  • REST/GraphQL APIs, gRPC (nice-to-have)
  • Kafka (or Pulsar), Kubernetes, Docker
  • RDBMS (PostgreSQL/MySQL/Oracle) and NoSQL (MongoDB/Cassandra/DynamoDB)
  • Caching (Redis), CI/CD (GitHub Actions/Azure DevOps/Jenkins), IaC (Terraform/ARM)
  • Observability (OpenTelemetry, Prometheus/Grafana, ELK), feature flags/progressive delivery
  • Solid grasp of concurrency, performance tuning, resiliency patterns (circuit breakers, retries, bulkheads), and fault-tolerance
  • Demonstrated leadership of architectural forums, design reviews, and mentorship
Job Responsibility
Job Responsibility
  • Define and evolve system architecture for cloud-native, microservices/event-driven platforms (scalability, resilience, security, cost)
  • Create high-level and low-level designs, integration patterns, API contracts, and reference implementations
  • Lead design reviews
  • ensure alignment with domain-driven design (DDD), 12-factor principles, and organization standards
  • Lead squads through full SDLC—from discovery and PoCs to production and SRE handoff
  • Establish coding standards, code review practices, and secure-by-default patterns
  • Mentor and coach senior engineers
  • support career growth and succession of technical leaders
  • Build core services using Java (17+), Spring Boot, REST/GraphQL, and message/event streaming
  • Optimize for performance, concurrency, observability, and operational excellence (SLOs, error budgets)
  • Fulltime
Read More
Arrow Right

Senior Java Developer Solution Architect - Vice President

We’re seeking a seasoned Senior Java Developer Solution Architect with 6+ years ...
Location
Location
Canada , Mississauga
Salary
Salary:
120800.00 - 170800.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of progressive experience building enterprise systems, with 7+ years in Java and Spring at scale
  • Proven delivery of cloud-native, microservices, and event-driven architectures
  • Strong expertise in: Java 11/17+, Spring Boot, Spring Cloud
  • REST/GraphQL APIs, gRPC (nice-to-have)
  • Kafka (or Pulsar), Kubernetes, Docker
  • RDBMS (PostgreSQL/MySQL/Oracle) and NoSQL (MongoDB/Cassandra/DynamoDB)
  • Caching (Redis), CI/CD (GitHub Actions/Azure DevOps/Jenkins), IaC (Terraform/ARM)
  • Observability (OpenTelemetry, Prometheus/Grafana, ELK), feature flags/progressive delivery
  • Solid grasp of concurrency, performance tuning, resiliency patterns (circuit breakers, retries, bulkheads), and fault-tolerance
  • Demonstrated leadership of architectural forums, design reviews, and mentorship
Job Responsibility
Job Responsibility
  • Define and evolve system architecture for cloud-native, microservices/event-driven platforms (scalability, resilience, security, cost)
  • Create high-level and low-level designs, integration patterns, API contracts, and reference implementations
  • Lead design reviews
  • ensure alignment with domain-driven design (DDD), 12‑factor principles, and organization standards
  • Lead squads through full SDLC—from discovery and PoCs to production and SRE handoff
  • Establish coding standards, code review practices, and secure-by-default patterns
  • Mentor and coach senior engineers
  • support career growth and succession of technical leaders
  • Build core services using Java (17+), Spring Boot, REST/GraphQL, and message/event streaming
  • Optimize for performance, concurrency, observability, and operational excellence (SLOs, error budgets)
  • Fulltime
Read More
Arrow Right

Senior Java Developer

We’re seeking a seasoned Senior Java Developer with 8–12 years of experience to ...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8-10 years of progressive experience building enterprise systems, with 7+ years in Java and Spring at scale
  • Proven delivery of cloud-native, microservices, and event-driven architectures
  • Strong expertise in: Java 11/17+, Spring Boot, Spring Cloud
  • REST/GraphQL APIs, gRPC (nice-to-have)
  • Kafka (or Pulsar), Kubernetes, Docker
  • RDBMS (PostgreSQL/MySQL/Oracle) and NoSQL (MongoDB/Cassandra/DynamoDB)
  • Caching (Redis), CI/CD (GitHub Actions/Azure DevOps/Jenkins), IaC (Terraform/ARM)
  • Observability (OpenTelemetry, Prometheus/Grafana, ELK), feature flags/progressive delivery
  • Solid grasp of concurrency, performance tuning, resiliency patterns (circuit breakers, retries, bulkheads), and fault-tolerance
  • Demonstrated leadership of architectural forums, design reviews, and mentorship
Job Responsibility
Job Responsibility
  • Define and evolve system architecture for cloud-native, microservices/event-driven platforms (scalability, resilience, security, cost)
  • Create high-level and low-level designs, integration patterns, API contracts, and reference implementations
  • Lead design reviews
  • ensure alignment with domain-driven design (DDD), 12-factor principles, and organization standards
  • Lead squads through full SDLC—from discovery and PoCs to production and SRE handoff
  • Establish coding standards, code review practices, and secure-by-default patterns
  • Mentor and coach senior engineers
  • support career growth and succession of technical leaders
  • Build core services using Java (17+), Spring Boot, REST/GraphQL, and message/event streaming
  • Optimize for performance, concurrency, observability, and operational excellence (SLOs, error budgets)
  • Fulltime
Read More
Arrow Right

Senior Java Developer, Solution Architect

We’re seeking a seasoned Senior Java Developer / Solution Architect with 15–18 y...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–18 years of progressive experience building enterprise systems
  • 7+ years in Java and Spring at scale
  • Proven delivery of cloud-native, microservices, and event-driven architectures
  • Strong expertise in Java 11/17+, Spring Boot, Spring Cloud
  • Strong expertise in REST/GraphQL APIs, gRPC (nice-to-have)
  • Strong expertise in Kafka (or Pulsar), Kubernetes, Docker
  • Strong expertise in RDBMS (PostgreSQL/MySQL/Oracle) and NoSQL (MongoDB/Cassandra/DynamoDB)
  • Strong expertise in Caching (Redis), CI/CD (GitHub Actions/Azure DevOps/Jenkins), IaC (Terraform/ARM)
  • Strong expertise in Observability (OpenTelemetry, Prometheus/Grafana, ELK), feature flags/progressive delivery
  • Solid grasp of concurrency, performance tuning, resiliency patterns (circuit breakers, retries, bulkheads), and fault-tolerance
Job Responsibility
Job Responsibility
  • Define and evolve system architecture for cloud-native, microservices/event-driven platforms (scalability, resilience, security, cost)
  • Create high-level and low-level designs, integration patterns, API contracts, and reference implementations
  • Lead design reviews
  • ensure alignment with domain-driven design (DDD), 12‑factor principles, and organization standards
  • Lead squads through full SDLC—from discovery and PoCs to production and SRE handoff
  • Establish coding standards, code review practices, and secure-by-default patterns
  • Mentor and coach senior engineers
  • support career growth and succession of technical leaders
  • Build core services using Java (17+), Spring Boot, REST/GraphQL, and message/event streaming
  • Optimize for performance, concurrency, observability, and operational excellence (SLOs, error budgets)
  • Fulltime
Read More
Arrow Right