Senior Application Security Architect

EXL

Application Security Architect focusing on embedding security in SDLC and collaborating with engineering teams. Drive secure coding practices and manage application security risks for modern software.

Posted 6/17/2026full-timeRemote • 🇺🇸 United StatesLead💰 $160,000 - $195,100 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudGoogle Cloud PlatformSDLC

About the role

Key responsibilities & impact

Serve as the security architecture authority within the architecture organization, partnering with product architects, principal engineers, cloud partners (AWS, Azure, GCP), and business leaders to embed secure-by-design principles into hardware appliances, multi-tenant SaaS platforms, and globally distributed cloud infrastructure.
Coach and support developers in writing secure code, including secure patterns, common vulnerability classes, and secure use of frameworks and libraries.
Provide timely consulting on “how to do it right” (architecture, implementation details, and operational considerations) and help teams choose secure-by-default approaches.
Triage findings from SAST, SCA, DAST, container and IaC scanning; investigate, validate, and resolve false positives; and help teams prioritize true risk.
Partner with teams to tune security tools, reduce noise, and improve signal quality (rules, suppressions, baselines, and exception processes) while maintaining strong security posture.
Drive adoption of CNAPP, CWPP, WAF, service mesh security, API gateways, SIEM/SOAR, and cloud-native telemetry for protective monitoring, runtime defense, and incident-ready detection.
Conduct Secure by Design reviews for new applications and material changes to existing applications, validating security requirements and design decisions early.
Lead and facilitate threat modeling workshops; identify abuse cases, trust boundaries, and attack paths; and document mitigations and residual risk.
Review authentication/authorization design, data flows, secrets handling, logging/monitoring, and resiliency controls to ensure secure architectures.
Provide clear, actionable recommendations and track follow-through with engineering teams.
Translate regulatory and compliance requirements (FedRAMP, SOC2, ISO 27001, NIST SP 800-53, CSA CCM, SOX) into actionable, measurable, and auditable security architecture control objectives—shifting from audit-driven to architecture-driven alignment.

Requirements

What you’ll need

8+ years related IT experience; 5+ years' experience in security application tools
6+ years' experience in application security reviews of new architecture; 5 + years of experience with public and hybrid cloud (AWS, Azure and GCP) environments.
Strong software development background with the ability to read, understand, and advise on production code and design decisions.
Demonstrated expertise in threat modeling and secure architecture review for modern web and API-based applications.
Expertise securing CI/CD and SDLC processes (pipeline security, secrets management, artifact integrity, build/release controls, and automation).
Experience with application security tooling and processes, including managing findings and resolving false positives (SAST/SCA/DAST and related scanning in pipelines).
Working knowledge of AI/ML security risks and mitigations for applications that use ML models or GenAI components.
Strong collaborative and consulting skills ability to influence without authority, communicate clearly, and deliver pragmatic, developer-friendly recommendations.

Benefits

Comp & perks

🌐 Worldwide ❌ Jobs You've Hidden ⭐️ Saved Jobs ✅ Applied Jobs ✉️ Email Alerts 👤 Account EXL Website LinkedIn All Job Openings 10,000+ employees 💰 $2M Venture Round on 2015-01 Choosing a digital partner is about more than capabilities — it’s about collaboration and character. Senior Application Security Architect Job not on LinkedIn 🔥 53 minutes ago 🇺🇸 United States – Remote 💵 $160k - $195.1k / year ⏰ Full Time 🔴 Lead 👮‍♂️ Cybersecurity / Security Engineer AWS Azure Cloud Google Cloud Platform SDLC Apply Now Find Hiring Managers Customize resume + cover letter Report problem ☆ Save ☑️ Mark as applied ❌ Hide 📋 Description
Serve as the security architecture authority within the architecture organization, partnering with product architects, principal engineers, cloud partners (AWS, Azure, GCP), and business leaders to embed secure-by-design principles into hardware appliances, multi-tenant SaaS platforms, and globally distributed cloud infrastructure.
Coach and support developers in writing secure code, including secure patterns, common vulnerability classes, and secure use of frameworks and libraries.
Provide timely consulting on “how to do it right” (architecture, implementation details, and operational considerations) and help teams choose secure-by-default approaches.
Triage findings from SAST, SCA, DAST, container and IaC scanning; investigate, validate, and resolve false positives; and help teams prioritize true risk.
Partner with teams to tune security tools, reduce noise, and improve signal quality (rules, suppressions, baselines, and exception processes) while maintaining strong security posture.
Drive adoption of CNAPP, CWPP, WAF, service mesh security, API gateways, SIEM/SOAR, and cloud-native telemetry for protective monitoring, runtime defense, and incident-ready detection.
Conduct Secure by Design reviews for new applications and material changes to existing applications, validating security requirements and design decisions early.
Lead and facilitate threat modeling workshops; identify abuse cases, trust boundaries, and attack paths; and document mitigations and residual risk.
Review authentication/authorization design, data flows, secrets handling, logging/monitoring, and resiliency controls to ensure secure architectures.
Provide clear, actionable recommendations and track follow-through with engineering teams.
Translate regulatory and compliance requirements (FedRAMP, SOC2, ISO 27001, NIST SP 800-53, CSA CCM, SOX) into actionable, measurable, and auditable security architecture control objectives—shifting from audit-driven to architecture-driven alignment. 🎯 Requirements
8+ years related IT experience; 5+ years' experience in security application tools
6+ years' experience in application security reviews of new architecture; 5 + years of experience with public and hybrid cloud (AWS, Azure and GCP) environments.
Strong software development background with the ability to read, understand, and advise on production code and design decisions.
Demonstrated expertise in threat modeling and secure architecture review for modern web and API-based applications.
Expertise securing CI/CD and SDLC processes (pipeline security, secrets management, artifact integrity, build/release controls, and automation).
Experience with application security tooling and processes, including managing findings and resolving false positives (SAST/SCA/DAST and related scanning in pipelines).
Working knowledge of AI/ML security risks and mitigations for applications that use ML models or GenAI components.
Strong collaborative and consulting skills ability to influence without authority, communicate clearly, and deliver pragmatic, developer-friendly recommendations. Apply Now 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score Similar Jobs Vice President, Information Security, CISO 🔥 12 hours ago ACM Global Laboratories 1001 - 5000 💊 Pharmaceuticals 🔬 Science ⚕️ Healthcare Insurance Website LinkedIn All Job Openings Vice President managing ACM's information security programs and cyber risk in complex regulated environments. Ensuring the protection of information assets while enabling business objectives. 🇺🇸 United States – Remote 💵 $220k - $250k / year ⏰ Full Time 🔴 Lead 👮‍♂️ Cybersecurity / Security Engineer AWS Azure Cloud Google Cloud Platform IoT Cybersecurity Director 🔥 16 hours ago Business Wire 501 - 1000 📱 Media Website LinkedIn All Job Openings Cybersecurity Director responsible for strategic leadership in Business Wire's cybersecurity functions. Managing GRC programs and enhancing data protection and security strategies. 🇺🇸 United States – Remote 💵 $230k - $245k / year ⏰ Full Time 🔴 Lead 👮‍♂️ Cybersecurity / Security Engineer AWS Azure Cloud Cyber Security SVP, Chief Information Security Officer 🔥 16 hours ago Finance of America 501 - 1000 💸 Finance 🏦 Banking Website LinkedIn All Job Openings Chief Information Security Officer providing strategic leadership and oversight for systems security and data integrity. Joining Finance of America to shape the future of reverse mortgage solutions. 🇺🇸 United States – Remote ⏰ Full Time 🔴 Lead 👮‍♂️ Cybersecurity / Security Engineer 🦅 H1B Visa Sponsor Azure Solutions, Security Architect 🔥 17 hours ago Ascend Technologies 201 - 500 🔒 Cybersecurity Website LinkedIn All Job Openings Azure Solutions Architect leading security-focused Azure cloud solutions at Ascend Technologies. Designing scalable architectures, ensuring compliance, and mentoring teams in Agile environments. 🇺🇸 United States – Remote 💵 $155k / year ⏰ Full Time 🟠 Senior 🔴 Lead 👮‍♂️ Cybersecurity / Security Engineer 🦅 H1B Visa Sponsor Azure Cloud Terraform Director of Security and Infrastructure 🕒 Yesterday Highway.ai 51 - 200 Website LinkedIn All Job Openings Director of Security & Infrastructure overseeing AWS security and infrastructure operations for Highway. Responsible for embedding security into development practices and maintaining operational excellence. 🇺🇸 United States – Remote 💵 $140k - $160k / year ⏰ Full Time 🔴 Lead 👮‍♂️ Cybersecurity / Security Engineer AWS Terraform View More Security Engineer Jobs 🌐 Worldwide Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or support@remoterocketship.com Search Search Jobs by country Search jobs by city Search jobs by job title Search entry-level jobs Search junior-level jobs Search senior-level jobs Search jobs by tech stack Search jobs by contract type Search remote internships Search remote part-time jobs Remote jobs Anywhere in the World Companies Hiring Anywhere in the World Companies Hiring Sales People Anywhere in the World Companies Hiring Software Engineers Anywhere in the World Resources Advice Tips for finding remote jobs Interview questions and answers Resume examples Cover letter examples Post a job Affiliates Privacy policy Terms of service Job board SEO course AI Apply Copilot OpenClaw job finder Jobs by Country Remote jobs anywhere in the world (Worldwide remote jobs) Remote jobs United States Remote jobs Australia Remote jobs Brazil Remote jobs Canada Remote jobs France Remote jobs Ireland Remote jobs Germany Remote jobs Netherlands Remote jobs Spain Remote jobs UK Popular Jobs Remote data analyst jobs Remote customer support jobs Remote executive assistant jobs Remote marketing jobs Remote product designer jobs Remote product manager jobs Remote project manager jobs Remote recruiter jobs Remote sales jobs Remote software engineer jobs Jobs by Type Remote full-time jobs Remote part-time jobs Remote contract jobs Remote internship jobs Remote entry-level jobs Remote jobs with no experience required Remote junior jobs (1-3 years of experience) Digital nomad jobs Remote jobs with no degree required Freelance remote jobs Temporary remote jobs Remote jobs hiring now Stay at home mom jobs

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

secure codethreat modelingapplication securityCI/CD securitySDLC processesSASTSCADASTcloud securitysecure architecture

Soft Skills

collaborative skillsconsulting skillsinfluence without authorityclear communicationpragmatic recommendations

Certifications

FedRAMPSOC2ISO 27001NIST SP 800-53CSA CCMSOX