Software Security Architect

Bachelor’s in Computer Science, Cybersecurity, or equivalent experience.
Preferred certifications: CISSP, CSSLP, CEH.
10+ years in software development, security architecture, or application security roles.
Deep knowledge of authentication, encryption, IAM, secure APIs, and secure coding.
Expertise in at least one modern language (Java, C#, JavaScript/TypeScript, Python, Node.js).
Familiarity with DevSecOps, SAST, DAST, SCA tools, and container security (Docker/Kubernetes).
Experience integrating security tools into CI/CD pipelines and managing secrets securely.

Develop and document scalable, secure architecture frameworks.
Establish and publish secure design standards and reusable patterns.
Lead architectural threat modeling for new and existing applications.
Drive security integration into all SDLC phases, including code, build, and release pipelines.
Plan and execute penetration testing strategies, with results translated into prioritized remediation plans.
Partner with security engineering to deploy SAST, DAST, and SCA tools in CI/CD.
Ensure architecture aligns with compliance requirements (e.g., ISO 27001, OWASP, NIST).
Define coding policies to meet regulatory standards and internal policies.
Proactively identify and reduce security risks across the development ecosystem.
Work closely with software engineering, DevOps, IT, and data teams to implement secure coding practices.
Mentor teams on secure design principles and current threat landscapes.
Deliver security awareness and training programs to development staff.