Senior Application Security Engineer / Cybersecurity Architect

Job Title: Senior Application Security Engineer / Cybersecurity Architect

Location: Bellevue WA, Overland Park KS, Frisco TX, Ravinia GA

Job Summary:

We are seeking a highly experienced and skilled Senior Application Security Engineer / Cybersecurity Architect with over 10 years in the cybersecurity domain and 8+ years of hands-on application security expertise. The ideal candidate will bring deep knowledge of secure software development, threat modeling, vulnerability mitigation, cloud security, and enterprise-level security tools and platforms. You will be a key contributor in designing, implementing, and maintaining secure systems and applications across diverse environments.

Key Responsibilities:

• Lead and manage secure software development lifecycle (SSDLC) practices across multiple applications and frameworks.
• Perform in-depth threat modeling using STRIDE, PASTA, TRIKE, DREAD, ATTACK TREE, KILL CHAIN, and CAPEC methodologies.
• Conduct comprehensive vulnerability assessments, penetration tests, and drive remediation efforts.
• Oversee firewall policy design, SSL/TLS configuration, and secure communication protocols.
• Collaborate with engineering teams to integrate secure coding practices in Java, Python, Node.js, and related frameworks.
• Review and enforce security for cloud deployments in AWS, Azure, and containerized environments (PCF, Docker).
• Implement and manage security tools like Veracode, Qualys, Venafi, CyberArk, FireEye, MobileIron, and Damballa.
• Support and manage SIEM (ArcSight), log analysis (Splunk), IDS/IPS (Symantec), and advanced malware protection systems.
• Work closely with DevOps and IT infrastructure teams on securing load balancers (F5, A10), firewalls (CheckPoint), and mobile device management.
• Define and improve incident response processes and assist with handling advanced persistent threats.
• Stay current with the evolving threat landscape, and provide strategic input on security architecture.

Required Qualifications:

• 10+ years of experience in Cybersecurity, with at least 8 years focused on Application Security.
• 5+ years of hands-on experience in Java, Python, Node.js, and secure software architecture.
• Expert-level understanding of threat modeling frameworks and application threat surfaces.
• Strong understanding of SSL/TLS, network security, firewall design, and secure application protocols.
• Hands-on experience with cloud platforms (AWS, Azure), security scanning tools (Qualys, Veracode), and container security.
• Deep understanding of enterprise security platforms: SIEMs (ArcSight), intrusion detection, log/event analysis, and privileged account management.
• Experience with securing mobile devices and managing MDM platforms like MobileIron.