Product Security Architect (DevSecOps)

Формат работы

remote (только United_kingdom)

Тип работы

project

Грейд

lead/principal

Английский

Страна

Вакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:

TL;DR

Product Security Architect (DevSecOps): Defining and evolving group-wide Product Security and Secure SSDLC strategies across business units with an accent on assessing AppSec capabilities, implementing scalable improvements, and integrating security into development workflows. Focus on providing architecture guidance, implementing secure coding practices, and overseeing Secure by Design initiatives.

Location: Remote (UK-based)

Company

hirify.global is an international technology organisation.

What you will do

Define and evolve group-wide Product Security and Secure SSDLC strategies across all business units.
Assess current AppSec capabilities, identify gaps, and implement practical, scalable improvements.
Collaborate with Product Architects, engineering, and security teams to integrate security into GitHub, CI/CD pipelines, and development workflows.
Provide architecture guidance and implement secure coding practices, threat modelling, and security tooling.
Partner with stakeholders to define AppSec KPIs, monitor metrics, and report on security posture.
Oversee Secure by Design initiatives, including project execution, vendor management, and integration with third-party tools.

Requirements

8+ years' experience in software development and application security, with recent experience in AppSec leadership or Security Architecture roles.
Proven experience in embedding security practices into enterprise scale product development.
Expertise in secure software development lifecycle, threat modelling, and security architecture.
Strong GitHub knowledge, including security architecture for CI/CD pipelines.
Experience with AppSec tooling, DevSecOps practices, cloud-native environments, and container security.
Excellent communication skills for collaborating with technical teams and business leaders.

Nice to have

Professional security certifications (CISSP, CSSLP, CISM, or AppSec-specific).
Experience in federated environments, regulated industries, or large enterprises.

Culture & Benefits

Equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.

Будьте осторожны: если вас просят войти в iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →