Santcore Technologies · 7 hours ago
Senior Application Security Architect
Santcore Technologies is seeking a Senior Application Security Architect for a contract engagement in McLean, VA. This role is responsible for designing, implementing, and governing enterprise-wide application security architecture and standards, ensuring security is embedded throughout the Software Development Life Cycle (SDLC).
Information Technology & Services
Responsibilities
Design and establish enterprise application security architecture frameworks, reference models, and standards aligned with business objectives and risk tolerance
Lead application and system architecture reviews to identify security gaps and recommend appropriate compensating controls
Develop and maintain security baselines, standards, and reusable design patterns for web, mobile, API, microservices, and cloud-native applications
Create, mature, and facilitate threat modeling practices and sessions with development teams
Define secure coding standards and security requirements based on application type, data sensitivity, and risk profile
Architect security solutions covering authentication, authorization, encryption, and secure communications
Establish security guardrails for cloud-native, serverless, containerized, and infrastructure-as-code environments
Design and implement API security strategies, including identity flows, gateways, throttling, and rate limiting
Embed security architecture principles into CI/CD pipelines to support enterprise DevSecOps initiatives
Evaluate, select, and recommend application security tools and technologies (SAST, DAST, IAST, SCA, etc.)
Develop and maintain security architecture roadmaps and guide implementation of enterprise security capabilities
Partner with development, platform, and infrastructure teams to design secure solutions that balance delivery speed and risk
Lead cross-functional security initiatives with enterprise-wide impact
Leverage GenAI technologies to enhance architecture reviews and automate security analysis
Maintain documentation of security architecture decisions, patterns, and reference implementations
Develop and deliver security architecture guidance and training for developers and architects
Stay current with emerging threats, technologies, and application security best practices
Perform security design reviews for new applications and major system changes
Architect secure data handling practices, including encryption at rest and in transit
Qualifications
Required
Bachelor's degree in Computer Science, Information Security, or a related technical field
5+ years of experience in Application Security, including 2+ years in a Security Architecture role
Deep knowledge of secure design principles, threat modeling methodologies, and security architecture patterns
Experience designing security controls for cloud platforms such as AWS, Azure, or Google Cloud Platform
Proficiency evaluating and implementing application security tools including SAST, DAST, IAST, and SCA
Hands-on experience with security testing and proxy tools
Strong understanding of secure software development practices and DevSecOps implementations
In-depth knowledge of OWASP Top 10, CWE/SANS, and related application security standards
Experience with authentication and identity technologies including MFA, SSO, OAuth 2.0, SAML, and OIDC
Experience designing and securing APIs and microservices architectures
Knowledge of regulatory and compliance requirements and their impact on application architecture
Proficiency in one or more programming languages: Java, Python, or JavaScript
Experience performing secure code reviews and identifying common vulnerability patterns
Strong understanding of cryptographic protocols and secure implementation practices
Experience supporting modern application architectures such as SPAs, serverless, and container-based systems
Excellent communication skills with the ability to explain complex security concepts to technical and non-technical stakeholders
Proven experience leading cross-functional initiatives and influencing stakeholders
Preferred
Relevant certifications such as CISSP, CSSLP, or Cloud Security Certifications
Company
Santcore Technologies
Santcore Technologies is a multidisciplinary IT consulting and solutions firm specializing in cybersecurity, GRC, cloud architecture, application security, digital transformation, and enterprise technology staffing.
H1B Sponsorship
Santcore Technologies has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Chart: Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (4)
2024 (2)
2023 (1)
Funding
Current Stage
Early Stage
Company data provided by Crunchbase