Application Security Analyst / System Security Architect

This role is ideal for a security professional who can represent Information Security during project planning and implementation, ensuring that security requirements are embedded into new initiatives from inception through deployment.

Position: Application Security Analyst / System Security Architect
Experience: 7–12 Years
Location: Hybrid / Onsite

Job Summary

We are seeking an experienced Application Security Analyst / System Security Architect to act as the Information Security representative (proxy) for new business and technology initiatives. The role will be responsible for evaluating security requirements, conducting architecture and risk reviews, ensuring compliance with enterprise security standards, and providing security guidance throughout the project lifecycle.

Key Responsibilities

• Serve as the Information Security (IS) representative/proxy for new initiatives, projects, and technology implementations.
• Participate in project discussions, architecture reviews, and design workshops to identify security risks and required controls.
• Perform security assessments, threat modeling, and risk analysis for new applications, systems, and infrastructure solutions.
• Review application and system architectures to ensure alignment with security policies, regulatory requirements, and industry best practices.
• Provide security recommendations related to authentication, authorization, encryption, network security, and data protection.
• Partner with business, application development, infrastructure, cloud, and third-party vendors to integrate security requirements early in the project lifecycle.
• Review security exceptions and recommend risk mitigation strategies.
• Support governance, risk, and compliance activities, including audit and regulatory requirements.
• Evaluate cloud and on-premises solutions for security risks and control effectiveness.
• Track remediation of identified security gaps and vulnerabilities.

Required Skills

• Strong experience in Application Security, Security Architecture, or Information Security Consulting.
• Experience conducting security architecture reviews, threat modeling, and risk assessments.
• Knowledge of secure software development practices and application security controls.
• Understanding of security frameworks such as NIST, ISO 27001, CIS Controls, and OWASP Top 10.
• Experience with cloud security concepts across AWS, Azure, or Google Cloud Platform.
• Strong understanding of:
  • Identity and Access Management (IAM)
  • Encryption and Key Management
  • Network Security
  • Secure SDLC
  • Vulnerability Management
  • Third-Party Risk Assessments
• Ability to communicate security risks and recommendations to both technical and business stakeholders.

Preferred Qualifications

• CISSP, CCSP, CISM, SABSA, TOGAF, or equivalent security certifications.
• Experience in financial services, banking, or highly regulated environments.
• Familiarity with security governance, regulatory compliance, and audit processes.

Key Competencies

• Security Architecture Review
• Application Security
• Threat Modeling & Risk Assessment
• Secure Design & Governance
• Cloud Security
• Stakeholder Management
• Security Consulting
• Compliance & Regulatory Support