Senior Application Security Architect

Om jobbet

Job Description

Our client is seeking a highly experienced Senior Application Security Architect to strengthen and advance their application security framework. This role will act as a strategic advisor to engineering and product teams, ensuring robust security practices are embedded across all stages of software development and system architecture.

The selected candidate will play a critical role in shaping secure design strategies, evaluating risks in emerging technologies, and promoting a security-first mindset across the organization. This position demands a strong blend of technical expertise, leadership capability, and cross-functional collaboration.

Key Responsibilities

Provide expert guidance on secure architecture, design principles, and threat modeling across diverse applications and platforms

Integrate security practices into the Software Development Life Cycle (SDLC), ensuring compliance with industry standards

Assess and mitigate risks associated with new technologies, tools, and frameworks

Advocate and implement secure coding standards across development teams

Collaborate with engineering, DevOps, and product stakeholders to strengthen application security posture

Contribute to incident response activities and support vulnerability management initiatives when required

Establish and enforce security design frameworks, policies, and best practices

Mentor developers and security professionals, fostering a culture of secure development

Required Experience

Minimum 7+ years of experience in application security, software engineering, or a related domain

Proven experience designing and implementing secure architectures in complex, distributed systems

Hands-on involvement in embedding security within Agile and DevOps environments

Strong background in threat modeling and conducting security architecture reviews

Exposure to incident response, vulnerability management, or security operations is advantageous

Experience working with modern cloud-native technologies, including containers, APIs, and serverless architectures

Demonstrated ability to collaborate effectively with cross-functional teams and influence security initiatives

Prior experience in leadership, mentoring, or advisory roles

Skills Required

Strong expertise in secure coding practices, secure design, and threat modeling

In-depth knowledge of common vulnerabilities (e.g., OWASP Top 10) and remediation techniques

Experience with cloud security (AWS, Azure, or GCP)

Hands-on experience securing microservices, APIs, and containerized environments (Docker, Kubernetes)

Familiarity with DevSecOps practices and CI/CD security integrations

Experience with security testing tools such as SAST, DAST, SCA, and IaC scanning tools

Strong system design and architectural capabilities with a security-focused approach

Excellent communication and stakeholder management skills

Education

Bachelor's or Master's degree in Computer Science, Information Technology, or a related field

Language Requirement

English - Professional Proficiency

Application Method: Interested candidates can apply by sending their profile to hr@semiconservicenordic.com