Senior Application Security Architect

Job Description

Our client is seeking a highly experienced Senior Application Security Architect to strengthen and advance their application security framework. This role will act as a strategic advisor to engineering and product teams, ensuring robust security practices are embedded across all stages of software development and system architecture.

The selected candidate will play a critical role in shaping secure design strategies, evaluating risks in emerging technologies, and promoting a security-first mindset across the organization. This position demands a strong blend of technical expertise, leadership capability, and cross-functional collaboration.

Key Responsibilities

• Provide expert guidance on secure architecture, design principles, and threat modeling across diverse applications and platforms
• Integrate security practices into the Software Development Life Cycle (SDLC), ensuring compliance with industry standards
• Assess and mitigate risks associated with new technologies, tools, and frameworks
• Advocate and implement secure coding standards across development teams
• Collaborate with engineering, DevOps, and product stakeholders to strengthen application security posture
• Contribute to incident response activities and support vulnerability management initiatives when required
• Establish and enforce security design frameworks, policies, and best practices
• Mentor developers and security professionals, fostering a culture of secure development

Required Experience

• Minimum 7+ years of experience in application security, software engineering, or a related domain
• Proven experience designing and implementing secure architectures in complex, distributed systems
• Hands-on involvement in embedding security within Agile and DevOps environments
• Strong background in threat modeling and conducting security architecture reviews
• Exposure to incident response, vulnerability management, or security operations is advantageous
• Experience working with modern cloud-native technologies, including containers, APIs, and serverless architectures
• Demonstrated ability to collaborate effectively with cross-functional teams and influence security initiatives
• Prior experience in leadership, mentoring, or advisory roles

Skills Required

• Strong expertise in secure coding practices, secure design, and threat modeling
• In-depth knowledge of common vulnerabilities (e.g., OWASP Top 10) and remediation techniques
• Experience with cloud security (AWS, Azure, or GCP)
• Hands-on experience securing microservices, APIs, and containerized environments (Docker, Kubernetes)
• Familiarity with DevSecOps practices and CI/CD security integrations
• Experience with security testing tools such as SAST, DAST, SCA, and IaC scanning tools
• Strong system design and architectural capabilities with a security-focused approach
• Excellent communication and stakeholder management skills

Education

• Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field

Language Requirement

• English – Professional Proficiency

Application Method: Interested candidates can apply by sending their profile to hr@semiconservicenordic.com