Senior Security Architect

Title: Senior Application Security Architect
Location : Rockville, MD OR McLean, VA
Target Start Date : ASAP
Type: contract
Pay Rate: DOE

The Senior Application Security Architect is responsible for designing, implementing, and overseeing enterprise-wide application security architecture and standards. This role establishes frameworks, conducts security reviews, develops baselines, and leads strategic initiatives that strengthen application security across the organization. The ideal candidate blends technical expertise, architectural vision, and leadership to embed security throughout the software development lifecycle.

Responsibilities

• Architecture & Frameworks
  • Design and establish enterprise application security frameworks and reference models.
  • Develop and maintain security baselines, standards, and patterns for web, mobile, APIs, microservices, and cloud deployments.
  • Create and evolve threat modeling methodologies (e.g., STRIDE, PASTA, OCTAVE) and facilitate workshops with development teams.
  • Define secure coding standards and requirements based on data classification and risk.
• Solution Design
  • Architect security solutions for authentication, authorization, encryption, and secure communications.
  • Design and implement API security strategies (OAuth/OIDC, API gateways, rate limiting).
  • Establish security guardrails for cloud-native, serverless, and infrastructure-as-code environments.
  • Architect secure data handling practices including encryption in transit and at rest.
• Integration & Enablement
  • Embed security architecture principles into CI/CD pipelines to support DevSecOps.
  • Evaluate and recommend security tools and technologies (SAST, DAST, IAST, SCA).
  • Partner with development teams to design secure solutions that balance security and business needs.
  • Maintain documentation of architecture decisions, patterns, and reference implementations.
• Leadership & Strategy
  • Lead strategic, enterprise-wide security initiatives.
  • Develop and deliver training to raise security awareness among developers and architects.
  • Create and maintain security roadmaps to guide implementation of security capabilities.
  • Stay current with emerging threats, technologies, and architectural approaches.
  • Leverage Generative AI to enhance architecture reviews and automate security analysis.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field.
• 5+ years in application security, with 2+ years in security architecture roles.
• Deep knowledge of secure design principles, threat modeling, and security patterns.
• Experience designing security controls for cloud environments (AWS, Azure, Google Cloud Platform).
• Proficiency with security tools (SAST, DAST, IAST, SCA) and testing tools (Burp Suite, OWASP ZAP).
• Strong understanding of secure development practices, OWASP Top 10, and SANS CWE.
• Hands-on experience with DevSecOps and CI/CD integration (Jenkins, Git, pipelines).
• Expertise in secure authentication (MFA, SSO, OAuth 2.0, SAML, OIDC).
• Experience with API security, microservices, and containerized environments.
• Proficiency in at least one programming language (Java, Python, JavaScript preferred).
• Knowledge of cryptography, secure code review techniques, and vulnerability patterns.
• Familiarity with regulatory requirements (PCI-DSS, GDPR, SOX) and architectural implications.
• Excellent communication skills to engage both technical and business stakeholders.
• Proven ability to lead cross-functional initiatives and influence at all levels.
• Certifications highly desirable: CSSLP, CISSP, AWS Security Specialty.

Nice to Have

• Experience securing Agentic AI applications or leveraging AI for security automation.

Welcome to ConsultNet and the family of companies, Tekne, SaltClick, TechBridge, and OmniMedia. As a premier national provider of technology talent and solutions, our expertise spans across project services, contract-to-hire, direct placement, and managed services both onshore and nearshore.

Celebrating more than 25 years of partnership with a diverse client base, we've crafted rewarding opportunities for our consultants, fostering high-performing teams that deliver impactful results.

Over the last few years thousands of consultants have found their calling with us in roles that have made a meaningful impact on their lives, enhanced their career, challenged them, and propelled them towards achieving their personal and professional goals. At the ConsultNet family of companies, we believe effective communication is crucial in aligning the right job with your unique skills and professional aspirations. To us, it's all about the personal approach we take and the values we uphold.

Our comprehensive service offerings cover a wide range of technology positions across key markets nationwide. Client more at .

We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.