Responsibilities

The Lead Security Architect will serve as a subject matter expert in Application Security Architecture, partnering with Application teams to provide consultation and secure their CI/CD implementation. As an SME in DevSecOps, they will provide security architecture guidance in tool selection, accelerate application migrations to the cloud, and ensure ‘secure by design’ principles are followed. The role involves carrying out complex initiatives, evaluating and selecting technologies, promoting expertise sharing, and guiding the development of application or infrastructure architectures. Additionally, the Lead Security Architect will thoroughly understand decision process issues related to technology choice and possess experience related to application development and DevOps, including a strong understanding of CI/CD pipelines and secure application development methodologies, as well as experience with security tools related to DevSecOps such as SAST, DAST, and IAST. In-depth knowledge of various cybersecurity frameworks, standards, and SDLC, along with experience related to vulnerability management, is also expected, particularly concerning OWASP top vulnerabilities and the MITRE framework, and knowledge of WAF, App Proxy, and other relevant technologies.