Company hidden
1 day ago

Sr. Application Security Architect

Work format: remote (USA only)
Employment type: fulltime
Grade: senior
English: b2
Country: US
Job from Hirify Global, a list of international tech companies

Job description

TL;DR

Sr. Application Security Architect (AppSec): Designing, guiding, and assessing security solutions in software projects to ensure security from the beginning, with an emphasis on shift-left and DevSecOps approaches. Focus on threat modeling, penetration testing, secure code reviews, and remediations using SAST, DAST, and SCA tools.

Location: Global company based in Portland, Maine, United States; E-Verify employer, US work authorization implied

Company

Global leader in financial technology solutions for payments, fleet management, and employee benefits, with over 6,500 employees across 200+ countries.

What you will do

  • Design and assess security solutions for software projects including web apps, APIs, mobile, and SaaS.
  • Lead threat modeling sessions, penetration testing, and secure architecture/code reviews.
  • Guide development teams on remediations using SAST, DAST, SCA, and other tools.
  • Shape application security program, standards, and compliance with PCI-DSS, HIPAA, GDPR, NIST.
  • Mentor engineers on security practices and scale expertise via security champions.
  • Collaborate across teams to integrate security into SDLC and CI/CD pipelines.

Requirements

  • 8+ years in software development and architecture
  • 3+ years in software/application security
  • 3+ years with SAST, DAST, SCA, IaC scanning, container security tools
  • Expert in OWASP Top 10, web app attacks/mitigations, identity tech (OAuth 2.0, SAML, OpenID Connect)
  • Experience in complex on-prem/multi-cloud environments, compliance frameworks
  • Degree in Computer Science or equivalent; strong communication and independent delivery

Nice to have

  • Security certs (CISSP, CEH, OSCP, GWAPT); cloud certs
  • CI/CD tools (Azure DevOps, GitHub Actions, Jenkins)
  • IAM tools (Okta, Auth0); Kubernetes/Docker; IaC (Terraform)
  • 3+ years cloud (IaaS/PaaS/SaaS); agile teams

Culture & Benefits

  • High-performing, collaborative Global Product Security Team focused on secure SDLC.
  • Work independently across global time zones with minimal oversight.
  • Comprehensive market-competitive benefits supporting personal/professional well-being.
  • Emphasis on ownership, pragmatism, customer focus, and continuous learning.
  • Drug-free workplace; equal opportunity employer with accommodations for disabilities.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it: these are scammers. Be sure to click "Report" or write to support.