Sr. CISSP Security Engineer

Sr. CISSP Security Engineer

McLean, Virginia / Dallas, Texas / Memphis, Tennessee (HYBRID)

2+ Year Contract

(5752)

IMMEDIATE NEW JOB OPENING for a Sr. Application Security Engineer focused on IAM to join our team and work in a hybrid role at one of our client s global HQs based out of McLean, VA, Dallas, TX, or Memphis, TN. As a Senior Lead Security Architect, you will lead the security architecture efforts for our flagship customer-facing initiatives across web, mobile, APIs, property and payments platforms, impacting 230 million global customers, thousands of partners, and employees. Having a strong background in software engineering, product and application security, you will integrate with delivery teams as a Product and Software Security SME, providing detailed consultation and collaboration to ensure software solutions are secure, resilient, and adhere to our security and industry standards. Your recommendations on security requirements, architecture patterns, and controls will play an important role in safeguarding our customer-facing deliverables.

Responsibilities:

• Lead security aspects of product delivery by defining secure-by-default patterns and architecture guardrails that materially reduce vulnerabilities and risk in released customer-facing products.
• Contribute to the continuous development, review, and adoption of our security standards and best practices.
• Design and maintain advanced security reference architectures that are secure, scalable, resilient, and align with our overall architecture models spanning web/mobile/API, AWS cloud, and AI-enabled architectures (RAG, agentic, MCP).
• Collaborate with cross-functional teams, including engineering, development, platform, and operations, to ensure security is integrated across the full system lifecycle from design through deployment and operations.
• Design and/or review product solution architectures to ensure they are secure, scalable, resilient, and seamlessly integrate with our overarching architecture models.
• Define security designs and guardrails that prevent common customer-facing threats such as account takeover/credential stuffing, authorization weaknesses, request tampering, injection-style flaws, abuse/bot activity, and sensitive data exposure translating threat scenarios into actionable architecture requirements and reusable patterns.
• Own and evolve security reference architectures and standards for customer-facing platforms, including API security (authN/authZ patterns, identity propagation, rate limiting, schema validation), customer identity (OAuth 2.1, OpenID Connect, SAML 2.0), and AWS cloud security (least-privilege IAM, network segmentation, encryption/key management, secrets management, logging/monitoring strategy, and CI/CD + IaC guardrails).
• Design and review secure architectures for AI-enabled features across customer-facing platforms, including RAG pipelines, agentic workflows, and Model Context Protocol (MCP) integrations, ensuring privacy, integrity, and resilience to misuse and abuse. You will define guardrails for data ingestion/retrieval, tool permissions, sensitive data handling, output controls, and auditability.
• Play a key role in the continuous development, review, and adoption of our security standards and best practices, ensuring they evolve to meet emerging threats and industry advancements.
• Actively engage in governance processes related to platform and application security, ensuring compliance with technology standards and regulatory requirements.
• Develop, document, and maintain security reference architectures and standards.
  

Requirements:

• 7 years of professional work experience in Technology or related field.
• 3 years of software development or enterprise architecture experience.
• 5 years of combined work experience in Product Security, Enterprise Architecture, Customer Identity & Access Management (IAM), Cloud Security, Cryptography, AI Security, and/or Payments Security.
• Understand Customer Identity and Authentication technologies, such as OAuth 2.0, OpenID Connect, SAML 2.0, API Security, and AWS IAM security. You have strong cryptography fundamentals, understand payment security patterns, and solutions for preventing customer fraud.
• Familiarity of various industry regulations such as PCI DSS, various data protection and privacy laws and regulations such as GDPR, CCPA, NIST 800-53, SOC2, ISO 27001, PSD2/SCA, etc.
• Demonstrated experience delivering security architecture solutions and the ability to partner effectively with business and technology stakeholders, articulating security design decisions clearly and pragmatically required.
• Excellent communication, presentation, and interpersonal skills.
• Bachelor s Degree, or associate s degree plus 7+ years of Technology related experience, or High School Degree/GED plus 7+ years of Technology related experience.
• 2 years as a senior security architect and 5 years of professional work experience in Technology or security field.
• 1 or more cyber industry certifications such as CISSP, AWS Solution Architect (Associate level or Professional level) or AWS Security Specialty certification preferred
• Preferably 2 to 3 years of strong software engineering and/or software development experience
• Experience in the hospitality industry preferred

**To view all of our open positions, please visit our Alleare Consulting website.