Associate Architect - Product Security

2 Months ago • 10 Years + • Product

Job Summary

Job Description

We are seeking an Associate Architect for Product Security to define and enforce secure coding standards and best practices. Responsibilities include threat modeling, security architecture reviews, code analysis, and designing/implementing secure CI/CD pipelines with integrated security controls. The role involves automating security testing (SAST, DAST, IAST, SCA, container scanning) within the SDLC, evaluating and integrating security tools, and leading DevSecOps programs. Additionally, you will build automation for efficiency, leverage ASPM, implement Infrastructure as Code (IaC) security and cloud-native security controls, monitor and respond to security incidents, and collaborate with development teams for vulnerability remediation. Training and awareness programs will be developed, and you will stay current with emerging threats and security technologies, ensuring compliance with industry standards like OWASP and NIST.
Must have:
  • 10+ years of experience in application security
  • 6+ years in Application security, preferably in fintech
  • Strong understanding of web, mobile, API, cloud architectures
  • Experience with code reviewing in Java, JavaScript, .Net, C#, Python, or IaC
  • Hands-on experience with SCA, SAST, DAST, IAST, SBOM, ASPM, Apigee, WAF
  • Deep understanding of DevSecOps practices and CI/CD automation
  • Knowledge of cloud platforms (AWS, Azure) and Kubernetes, Docker
  • Experience building security controls for NIST CSF and SSDF frameworks
  • Ability to identify and summarize operational procedures and write SOPs
  • Good understanding of full stack software development best practices
  • Ability to collaborate cross-functionally and communicate effectively
  • Certifications such as CSSLP, OSWE, or CEH
Good to have:
  • Experience supporting developer tools as a security professional (IDE integration, PR checks)
  • Performing risk-based security reviews meeting OWASP, SOC2, GDPR requirements
  • Providing security scan reports

Job Details

Description

  • Responsibilities

    • Define and enforce secure coding standards and best practices.
    • Perform threat modeling, security architecture reviews, and code analysis. 
    • Design and implement secure CI/CD pipelines with integrated security controls. 
    • Automate security testing (SAST, DAST, IAST, SCA, container scanning) in SDLC process. 
    • Evaluate and integrate security tools and platforms  
    • Lead DevSecOps program in collaboration with DevOps, Operations and Engineering teams 
    • Build automation focused on efficiency (E.g. increase triaging efficiency, manage false positives etc.) 
    • Leverage ASPM and build workflows and reports  
    • Evaluate and integrate security tools and platforms 
    • Implement Infrastructure as Code (IaC) security and cloud-native security controls. 
    • Monitor and respond to security incidents in development and production environments. 
    • Collaborate with development teams to remediate vulnerabilities and design secure applications. 
    • Develop and deliver secure coding training and awareness programs. 
    • Stay current with emerging threats, vulnerabilities, and security technologies. 
    • Ensure compliance with industry standards (e.g., OWASP, NIST etc).   
Requirements 
    • Overall 10+ years of experience in application security, software development, or related roles. 
    • 6+ years of work experience in Application security, preferably in a fintech or financial services domain  
    • Strong understanding of web, mobile, API and cloud application architectures. 
    • Experience of code reviewing or code contributing in Java, Java Script, .Net. C#, Python, or IaC scripting. 
    • Hands-on experiences running SCA, SAST, DAST, IAST, SBOM, ASPM, Apigee, WAF etc., with approaches or optimizations for the tools to efficiently enforce the enterprise S-SDLC policies. 
    • Deep understanding of DevSecOps practices and experience in CI/CD automation for  one of the popular platforms, such as Gitlab, GitHub or Azure DevOps. 
    • Knowledge of cloud platforms (AWS, Azure) and container orchestration (Kubernetes, Docker). 
    • Perspective of supporting developer tools as a security professional (E.g. integrating security tools with IDE, PR checks etc.) 
    • The experiences in building security controls for a system that follows NIST CSF and SSDF frameworks and  performing the risk-based security reviews that meet the OWASP, SOC2, GDPR requirements.  
    • Ability to identify and summarize practical operational procedures, write standards or SOPs, and provide security scan reports. 
    • A good understanding of full stack software development and best practices for developing software (version control, branching, automation, IaC, documentation, testing, etc.)  
    • Ability to collaborate cross-functionally and communicate effectively with highly technical teams and provide written assessment reports as needed. 
    • Certifications such as CSSLP, OSWE, or CEH. 
     

Similar Jobs

SSC Technologies - Financial Engineer

SSC Technologies

Toronto, Ontario, Canada (Hybrid)
1 Month ago
flying wild hog - HR Partner

flying wild hog

Poland (Hybrid)
5 Months ago
Nine - P&C Analyst - 6-month contract - Immediate Start

Nine

North Sydney, New South Wales, Australia (On-Site)
1 Month ago
Solace - Growth Product Manager

Solace

United States (Remote)
1 Month ago
deel. - Sales Development Representative, Deel IT | ANZ

deel.

Australia (Remote)
4 Weeks ago
Morning Star - Product Consultant

Morning Star

Mumbai, Maharashtra, India (Hybrid)
2 Months ago
Scopely - Director of Product Performance

Scopely

Barcelona, Catalonia, Spain (On-Site)
5 Months ago
EvenUp - Senior Product Counsel (Staff Attorney)

EvenUp

San Francisco, California, United States (Hybrid)
1 Month ago
Plummy Games - Data Lead (Product & Marketing)

Plummy Games

Tallinn, Harju County, Estonia (Remote)
2 Months ago
LMArena - Product Lead

LMArena

California, United States (Remote)
3 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Rippling - Account Executive, Rippling Spend

Rippling

San Francisco, California, United States (On-Site)
1 Year ago
Synechron - React/Angular Developer

Synechron

Bengaluru, Karnataka, India (On-Site)
1 Year ago
Barracuda - International Payroll Manager

Barracuda

Innsbruck, Tyrol, Austria (Hybrid)
4 Weeks ago
Fox Factory - Customer Service Representative

Fox Factory

Burnaby, British Columbia, Canada (On-Site)
1 Month ago
aspyr - Head of Creative

aspyr

Austin, Texas, United States (On-Site)
3 Months ago
Evercast - Onboarding Engineer

Evercast

United States (Remote)
1 Month ago
Qualcomm - GStreamer multimedia framework Lead Engineer Senior

Qualcomm

Hyderabad, Telangana, India (On-Site)
3 Months ago
PwC - Manager in Document Automation - Implementation and IT delivery

PwC

Prague, Prague, Czechia (On-Site)
10 Months ago
Sony Pictures Entertainment - Research Assistant/Analyst, TV Distribution, EMEA - 12 month FTC

Sony Pictures Entertainment

London, England, United Kingdom (Hybrid)
4 Weeks ago
Zeeco, Inc. - Saw Operator

Zeeco, Inc.

Broken Arrow, Oklahoma, United States (On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Thiruvananthapuram, Kerala, India

luxsoft - Database Interface Developer

luxsoft

Mumbai, Maharashtra, India (On-Site)
1 Month ago
Zazz - Marketing Data Specialist

Zazz

India (On-Site)
7 Months ago
PwC - Senior Manager_ETL Data Modeller _Data and Analytics_Advisory

PwC

Bengaluru, Karnataka, India (On-Site)
1 Year ago
Clearwater Analytics - Core Data Product Analyst

Clearwater Analytics

Noida, Uttar Pradesh, India (On-Site)
4 Weeks ago
Brillio - Alliances Account Manager

Brillio

Bengaluru, Karnataka, India (Hybrid)
6 Months ago
Insight Software - Customer Success Analyst

Insight Software

Hyderabad, Telangana, India (On-Site)
3 Months ago
Capgemini - Data Engineer

Capgemini

Hyderabad, Telangana, India (On-Site)
2 Months ago
Ajmera Infotech - React Developer

Ajmera Infotech

Ahmedabad, Gujarat, India (On-Site)
4 Months ago
Hitachi - D365 F&O Technical Developer

Hitachi

Chennai, Tamil Nadu, India (On-Site)
10 Months ago
Capgemini - Image Processing

Capgemini

Hyderabad, Telangana, India (On-Site)
3 Months ago

Get notifed when new similar jobs are uploaded

Product Jobs

Genies.io - Head of Product

Genies.io

Los Angeles, California, United States (On-Site)
1 Month ago
Interface AI - Senior Technical & Product Recruiter (Contract)

Interface AI

San Jose, California, United States (On-Site)
1 Month ago
Scopely - Senior Director, Product - Garden Joy

Scopely

Culver City, California, United States (Hybrid)
8 Months ago
Rippling - Product Lead, Talent Signal

Rippling

San Francisco, California, United States (On-Site)
4 Months ago
BetterMe - Product Owner (Hardware)

BetterMe

Ukraine (Remote)
4 Weeks ago
dun bradstreet - Product Sales and Solutions Consultant

dun bradstreet

Hong Kong (On-Site)
7 Months ago
Valeo - Product Architect

Valeo

Martos, Andalusia, Spain (On-Site)
1 Month ago
zeta - Executive Assistant to the Vice President, Product & Engineering

zeta

Hyderabad, Telangana, India (On-Site)
5 Months ago
Boss fight entertainment  - Team Lead, Launch Operations (Product Discovery & Promotion)

Boss fight entertainment

Manila, Metro Manila, Philippines (On-Site)
3 Months ago
gyb games - Product Specialist (HyperCasual)

gyb games

Istanbul, İstanbul, Türkiye (On-Site)
3 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Thiruvananthapuram, Kerala, India (On-Site)

Berwyn, Pennsylvania, United States (Hybrid)

Powhatan, Virginia, United States (Hybrid)

Thiruvananthapuram, Kerala, India (On-Site)

Thiruvananthapuram, Kerala, India (On-Site)

Thiruvananthapuram, Kerala, India (On-Site)

Chicago, Illinois, United States (On-Site)

Berwyn, Pennsylvania, United States (Hybrid)

Berwyn, Pennsylvania, United States (Hybrid)

Berwyn, Pennsylvania, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Yodlee

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug