
Application & Platform Security Architect
Posted 1 hour ago

This is a fully remote position, open to applicants in the United States.
• Establish reusable security architecture patterns and guidelines to facilitate consistent and secure implementation across high-risk business applications.
• Champion secure-by-design initiatives by incorporating security considerations early in the software architecture lifecycle and guiding enterprise architecture direction.
• Represent security architecture in design authority boards and technical review councils, promoting risk-based security controls.
• Collaborate with in-business IT customers, including application architects and engineers, to assess application software and infrastructure designs, aiming to define and design application controls in line with enterprise standards.
• Create application-specific security control architectures and produce design artifacts that aid in the secure implementation of business-critical systems.
• Develop reusable implementation guidance and design patterns based on prior engagements to enhance service scalability.
• Partner with information security leadership to formulate strategies and plans for enforcing security requirements and addressing identified risks within the infrastructure and applications.
• Serve as a security architecture liaison to IT delivery and engineering teams, integrating security principles into technical delivery and architecture review forums.
• Assist in the security aspects of business & IT initiatives by supporting architecture, design, implementation, deployment, and operational transition of innovative and secure technology solutions.
• Bachelor’s degree with 9 years of experience OR Master’s degree with 8 years of experience OR PhD with 4 years of experience in information security and/or related fields (IT Audit, Risk Management, or Security Architecture).
• Must demonstrate an exceptional ability to assess and communicate information security concepts and practices to both business and IT stakeholders.
• Requires comprehensive knowledge of the systems development life cycle, client area functions and systems, and technological alternatives for systems applications program development.
• Proven track record of implementing innovative technology solutions that propel the business forward.
• Strong grasp of application security principles, including OWASP Top 10, SANS/CWE Top 25, and secure coding practices.
• Expertise in secure session management, token handling, and authentication mechanisms (OAuth, SAML, OpenID Connect).
• Familiarity with cryptographic practices, encryption protocols, and PKI management.
• Experience with containerization technologies (Docker, Kubernetes) and cloud platforms (AWS, Azure, GCP).
• Knowledge of code analysis tools (e.g., SonarQube, Veracode) and vulnerability scanning tools (e.g., Burp Suite, Nessus).
• Understanding of DevSecOps methodologies, including securing CI/CD pipelines.
• Paid time off (vacation, holidays, sick leave)
• Medical, dental, and vision insurance
• 401(k) plan for eligible employees
• Long-term incentive programs