Lead Enterprise Application Security Architect Hybrid – Tampa, FL; Southfield, MI

An opportunity has come through our network for a Lead Enterprise Application Security Architect at a globally leading Wealth Management firm. This permanent position offers a hybrid work model, requiring 2-3 days per week in the office. You can be based in Tampa, FL;
Southfield, MI;
Denver, CO; or Memphis, TN. This role is absolutely pivotal in shaping the firm’s data security posture, as you’ll lead the design and implementation of robust data protection frameworks across the enterprise.

This role is critical for identifying and mitigating security risks throughout the software development lifecycle. You’ll evaluate system designs for potential vulnerabilities, guide engineering teams through secure coding practices, and support them in resolving security issues within their applications. Your responsibilities also extend to developing tailored security frameworks and architectural guidelines based on prior assessments and recognized industry standards.

As a Lead Enterprise Application Security Architect, you’ll be at the forefront of embedding security into the DNA of applications, ensuring that software solutions are robust, compliant, and resilient against evolving threats. Your role combines strategic design with hands-on guidance and cross-functional collaboration.

• Lead Secure Design Reviews and Threat Modeling: You will proactively lead secure design reviews and threat modeling sessions for all new projects, features, and significant architectural changes. This crucial step ensures that security considerations are integrated from the very inception of development. You will meticulously review designs to identify potential vulnerabilities and weaknesses, and guarantee strict compliance with industry standards, regulatory requirements, and internal security policies.
  
  Your leadership in this area is vital for “shifting left” security.
• Evaluate Adherence to Architectural Standards and Adapt Enterprise Assets: You will diligently evaluate adherence to architectural standards, ensuring that all application designs and implementations align with established enterprise guidelines and best practices. A key focus will be on minimizing technical debt, advocating for sustainable and efficient solutions. You will also strategically adapt enterprise assets (including existing systems, services, and data) for major programs, ensuring their secure integration and evolution within new architectures.
• Partner with Development Teams on Security Vulnerabilities: You will foster close partnerships with development teams to provide essential support and expert guidance in addressing security vulnerabilities identified throughout the software development lifecycle. This includes providing insights during the design phase, conducting thorough code reviews, and assisting in resolving issues uncovered during various testing phases (e.g., SAST, DAST, penetration testing). Your collaboration ensures that security flaws are remediated effectively and efficiently.
• Create and Maintain Secure Reference Architectures: You will be instrumental in creating and maintaining secure reference architectures. These authoritative guides will provide prescriptive blueprints for the design and implementation of secure systems and applications across the organization. You’ll customize these architectures to the firm’s specific technologies and needs, ensuring consistent application of security best practices and accelerated secure development.
• Collaborate on Integrating Security Practices into SDLC: You will engage in robust collaboration with cross-functional teams, including development, infrastructure, and compliance. Your objective is to seamlessly integrate security practices into the software development lifecycle (SDLC) and infrastructure provisioning processes. This involves embedding security requirements, automated security testing, and compliance checks at every stage, promoting a “security by design” approach.
• Offer Expert Advice on Security Issues: You will serve as a go-to expert, offering invaluable expert advice on a wide range of security issues.…