Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Stone & Company

Senior Application Security Architect – AppSec

Stone & Company

. Define and implement security strategies for applications, including those that integrate LLMs and generative AI .

Posted 7/16/2026full-timeRemote • 🇧🇷 BrazilSeniorWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates expertise in defining and implementing security strategies for applications, particularly those utilizing LLMs and generative AI, while promoting best practices and providing technical guidance to development teams. Proficient in threat modeling, identifying vulnerabilities, and ensuring the safe use of AI-assisted development tools.

Highest-signal resume keywords
Security Strategy DevelopmentThreat ModelingApplication Security StandardsCI/CD Security ToolsCloud Security (AWS, Azure, GCP)

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
Information SecuritySoftware Development LifecycleVulnerability AssessmentAPI Protection MechanismsAgile MethodologiesAutomated Quality ValidationCommon Attack VectorsSecurity TrainingData Leakage PreventionGenerative AI Security Risks
Soft Skills
Influencing SkillsNegotiation SkillsAutonomous WorkConcise CommunicationInitiative
Tools & Technologies
SASTDASTSCASecret ScanningAI-Assisted Development Tools
Industry Keywords
LLM ApplicationsOWASP Top 10MITRE ATLASCloud Services Security

Tech Stack

Tools & technologies
AWSAzureCloudGoogle Cloud Platform

About the role

Key responsibilities & impact
  • Define and implement security strategies for applications, including those that integrate LLMs and generative AI
  • Collaborate with development teams to integrate security practices from the start of the software development lifecycle
  • Conduct architecture, code, and design reviews to identify potential vulnerabilities and security issues
  • Define guardrails and standards for applications using LLMs, addressing risks such as prompt injection, insecure output handling, data leakage via outputs, excessive agent agency, and cost abuse (denial-of-wallet)
  • Establish guidelines for the safe use of AI-assisted development tools by engineering teams, balancing productivity, intellectual property protection, and prevention of sensitive data leakage
  • Develop and promote security standards and best practices across the development team
  • Provide technical guidance and security training to development teams
  • Be familiar with tools for automated quality validation in CI/CD pipelines such as SAST, DAST, SCA and Secret Scanning
  • Monitor security threat trends and evolutions and continuously update protective measures — including the emerging threat landscape for AI systems
  • Develop creative solutions to complex security problems that balance business needs and risks
  • Use your security experience and intuition to hunt for threats in corporate and production environments
  • Ability to read and communicate in English

Requirements

What you’ll need
  • Bachelor’s degree (completed or in progress) in Information Security, Computer Science, Information Systems, Software Engineering, or related fields
  • Ability to identify opportunities for improvement, new solutions, and alerts that can benefit and/or facilitate operations
  • Use influencing and negotiation skills to guide teams to fix issues or adopt security-appropriate architectures
  • Ability to work autonomously
  • Communicate concisely, directly, and assertively, able to translate complex problems into language accessible to the intended audience
  • Initiative to seek or request information when needed
  • Passion for learning and thriving in a dynamic, constantly changing environment
  • Knowledge of common attack vectors
  • Experience conducting threat modeling
  • Experience with effective mechanisms for protecting APIs and mobile applications
  • Familiarity with core cloud services and security concepts (AWS, Azure or GCP)
  • Comfortable working within multidisciplinary teams using agile methodologies
  • Familiarity with security risks in applications that use LLMs and generative AI (references such as OWASP Top 10 for LLM Applications and MITRE ATLAS)

Benefits

Comp & perks
  • 💸 Fixed Salary
  • 💰 Variable Compensation Package* (PLR, ILP, or Commission - provided according to role eligibility, not an open-choice model)
  • 🏥 Health and Dental Plan with co-payment (except for people with disabilities who do not have co-payment)
  • 🩺 Green Virtual Hospital: telemedicine team available 24/7
  • 💊 Medication subsidy
  • 🍽️ Meal Allowance and/or Food Voucher - Pluxee* (except for Commercial Executive roles - 6 hrs)
  • 👶 Childcare assistance (for children up to 5 years and 11 months)
  • 💙 Assistance for children with disabilities
  • 🛡️ Life Insurance
  • ⛽ Fuel allowance or commuting assistance*
  • 🏠 Home office allowance* (only for Hybrid or Remote contracts)
  • 🎁 Welcome kit for new parents
  • 🏢 SESC partnership*
  • 📚 Education Benefit - Internal self-development platform (Studa and Stone Library)
  • 🧠 Acolhe360º - Emotional support (free)
  • 💆 Quick massage and medical clinic*