Principal Security Architect

Glocomms is partnered with an innovative Fintech company in the holdings space. We are seeking a highly experienced and strategic Principal Application Security Architect to lead the design and implementation of secure software and infrastructure solutions across the client's enterprise. This role is pivotal in shaping the cybersecurity strategy, driving secure product development, and ensuring robust risk management practices. 

Key Responsibilities:

• Define and drive the application security architecture strategy aligned with business and security objectives.
• Lead threat modeling, vulnerability management, and secure design reviews across products and platforms.
• Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines and API development.
• Establish and enforce security policies, standards, and best practices across the organization.
• Evaluate and implement security controls for containerized environments and public cloud providers (AWS, Azure, GCP).
• Assess and manage third-party risk and ensure secure integration of external services.
• Provide expert guidance on security frameworks (e.g., NIST, ISO 27001) and compliance with privacy laws and regulatory requirements.
• Partner with IT leadership, product teams, and business units to align security initiatives with business goals.
• Communicate complex security concepts to technical and non-technical stakeholders.
• Mentor junior security engineers and contribute to a culture of security awareness and innovation.

Qualifications:

• Bachelor's degree in Computer Science or a related field; CISSP, SANS, or equivalent certifications
• 7+ years of experience in cybersecurity, focusing on application and infrastructure security, secure development, and compliance
• Proficient in DevOps, CI/CD, APIs, cloud platforms (AWS, Azure, GCP), container security, and application security tools
• Strong understanding of threat modeling, security controls, OWASP, NIST, ISO standards, and privacy laws like GDPR and HIPAA
• Excellent communicator with business acumen, an attacker mindset, and the ability to influence cross-functional teams

This is a hybrid role, based out of Dallas, TX. The client is not able to sponsor now or in the future. Please apply in if you are interested!