Application Security Architect

About the Role
We are looking for a strategic and hands-on Application Security Architect with strong DevSecOps expertise to modernize our CI/CD pipelines, integrate security automation, and strengthen application security throughout the Secure Software Development Lifecycle (SDLC). You’ll work closely with development, DevOps, and security teams to ensure security is embedded in every phase of delivery.

What You’ll Do

• Assess current CI/CD pipelines, remove manual steps, and embed automated security controls.
• Integrate SAST, DAST, SCA, and container security into developer workflows.
• Lead secure design reviews, threat modeling, and secure coding practices.
• Collaborate across teams to align security with compliance standards (OWASP, NIST, ISO 27001, SOC 2).
• Secure applications across AWS and Azure cloud environments.
• Implement and manage Infrastructure as Code (Terraform, Ansible) for security automation.

What We’re Looking For

• Proven experience in Application Security Architecture and DevSecOps.
• Hands-on experience with Jenkins, Azure DevOps, GitHub Actions, or GitLab CI.
• Strong knowledge of SAST/DAST/SCA tools (Checkmarx, Veracode, Fortify, Burp Suite).
• Multi-cloud expertise (AWS + Azure required).
• Scripting in Python, Bash, or PowerShell.
• Certifications preferred: CISSP, CSSLP, CCSP, CISM.
• Deep understanding of secure SDLC and OWASP Top 10 vulnerabilities.