Jobs · Information Technology · Tennessee

Lead Enterprise AppSec Architect

Raymond James · Memphis, TN · 3 wk ago
Information TechnologyFull-time

Responsibilities

  • Lead secure design reviews and threat modeling exercises for new applications, features, and architectural changes, ensuring adherence to industry standards, regulatory requirements, and organizational security policies.
  • Collaborate with development teams to identify and remediate vulnerabilities in application code and system designs, providing hands-on guidance and actionable recommendations.
  • Create and maintain secure reference architectures to serve as a foundation for implementing secure systems, applications, and solutions aligned with the organization's specific needs and technologies.
  • Act as a trusted advisor to development teams, integrating security considerations into the software development lifecycle and promoting secure coding practices.
  • Assess conformance with architectural standards, focusing on reducing technical debt and optimizing enterprise assets such as systems, services, and information.
  • Provide technical expertise on security matters, including encryption, identity and access management, and secure communication protocols.
  • Stay current with emerging security threats, trends, and best practices, applying relevant insights to enhance the organization's security posture.
  • Collaborate with cross-functional teams, including infrastructure, DevOps tooling, and compliance, to align security measures with organizational goals and ensure seamless integration.
  • Support security incident response efforts by contributing architectural expertise and defense-in-depth strategies as needed.

Requirements

  • 7+ years of experience in an application security engineering or architecture role, with a demonstrated focus on secure design reviews, threat modeling, and vulnerability management.
  • In-depth knowledge of web application security principles, secure coding practices, and addressing common vulnerabilities (e.g., OWASP Top 10).
  • Proficiency in designing secure architectures for on-premises and cloud (e.g. AWS, Azure) environments.
  • Strong understanding of OAuth, authentication, and authorization mechanisms, including multi-factor authentication, single sign-on, and emerging technologies like password-less authentication.
  • Familiarity with network protocols, topologies, incident response, and defense-in-depth strategies.
  • Experience in encryption technologies, such as certificate-based and token-based cryptography.
  • Experience integrating application security controls into automated CI/CD pipelines.

Skills

  • Exceptional communication skills, capable of bridging the gap between technical and business stakeholders.
  • Financial services experience is a plus but not required.
  • The ability to quickly acquire relevant business acumen is essential.

Education

  • Bachelor’s: Computer and Information Science (Required)
  • Bachelor’s: Information Technology

Similar jobs

Lead Enterprise Architect

NTT DATA North AmericaArlington, VA· 3 wk ago
Information Technologyapply on careers.services.global.ntt

Lead Enterprise Architect

dentsuNew York, United States· 1 wk ago
Information Technology$136k–$219k/yrapply on dentsuaegis.wd3.myworkdayjobs.com

Enterprise Architect Lead

Chamberlain GroupOak Brook, IL· 2 wk ago
Information Technology$103k–$193k/yrapply on chamberlain.wd1.myworkdayjobs.com