Software Security Architect

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 3–5 years of relevant experience in application security, security engineering, software engineering with a security focus, or security architecture support.
• 2 years software development experience.
• Hands-on experience with Secure CI/CD Pipeline Engineering.
• Experience implementing or operating: SAST DAST SCA
• Strong understanding of Secure Software Development Lifecycle practices.
• Experience with Container Security concepts and controls.
• Experience with Identity and Access Management (IAM) and Single Sign-On (SSO).
• Experience supporting Vulnerability Management processes (triage, remediation guidance, validation).

Nice To Haves

• Enterprise Cloud Security experience.
• Secure Infrastructure as Code (IaC) practices and/or tooling exposure.
• Experience with Agile / SAFE framework
• JIRA
• Java / C++
• Tooling/technology familiarity: GitHub Jenkins Kubernetes
• Identity standards familiarity: SAML OAuth2

Responsibilities

• Contribute to secure reference architectures, patterns, and guardrails for applications, APIs, services, and data flows.
• Help document and promote security standards for authentication/authorization, secrets management, encryption, logging/monitoring, and dependency management.
• Participate in architecture/design reviews and provide security recommendations for new initiatives.
• Support audits by providing security architecture documentation and evidence.
• Support implementation of a secure software development lifecycle across requirements, design, build, test, release, and operations.
• Partner with engineering teams on secure CI/CD pipeline engineering, including integrating and tuning security controls and interpreting results.
• Help implement and operationalize: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA)
• Participate in threat modeling for features, services, and integrations; document risks and recommended mitigations.
• Assist with security design reviews and provide actionable remediation guidance.
• Advise on secure API design, access control patterns, and common application security risks.
• Support container security practices and guardrails (build, registry, runtime considerations).
• Contribute to Identity and Access Management (IAM) architecture and implementation guidance.
• Support Single Sign-On (SSO) patterns and secure authentication/authorization approaches.
• Participate in vulnerability management, including triage, prioritization, validation of fixes, and prevention of recurrence.

Benefits

• medical
• dental
• vision
• life and disability coverage
• paid time off
• a 401(k) retirement plan
• paid parental leave
• access to a robust library of personal and professional training resources
• employee discounts
• critical illness
• hospital indemnity
• access to legal support
• pet insurance
• identity theft protection
• an EAP (Employee Assistance Program) that includes free mental health resources/support