Application Security Architect (AWS)

Job Description

Job description Job Title: Application Security Architect (AWS) Location: Bangalore (Hybrid - 3days WFO) Experience: 7+ Years Job Summary: We are seeking an experienced and highly skilled Application Security Architect with deep expertise in AWS. The ideal candidate will be instrumental in designing and implementing robust application security architectures for our AWS-hosted services and applications. You will champion secure-by-design principles throughout the Software Development Lifecycle (SDLC), provide architectural governance, and mentor engineering teams to foster a culture of security. This role requires a strong technical background, excellent communication skills, and a proactive approach to identifying and mitigating application-layer risks in cloud environments. Key Responsibilities: Design and implement secure application security architectures for AWS-hosted services and applications, ensuring resilience against modern threats. Drive secure-by-design initiatives across the entire SDLC, including leading threat modeling sessions, conducting comprehensive risk assessments, and performing architectural security reviews. Produce and review Architecture Decision Records (ADRs) to document key security architectural decisions and their rationale. Collaborate closely with software engineers, DevOps teams, various security teams, and cloud architects to ensure alignment with security best practices and enterprise standards. Define, evangelize, and promote secure coding standards and integrate security-focused practices into CI/CD pipelines. Provide expert application security guidance and consultation for integrating security tools such as SAST, DAST, SCA, IaC scanning, secret detection, and other MAST (Modern Application Security Testing) solutions, specifically tailored for cloud environments. Develop and provide consultation on robust security design patterns and reusable reference architectures (at the platform level) for AWS microservices, APIs, containers, and serverless workloads. Continuously monitor emerging AWS security features and provide recommendations for their strategic adoption. Support incident response and forensics activities related to application-layer attacks, providing expert analysis. Guide and advise on effective remediation strategies for identified vulnerabilities and inherent design flaws. Serve as the Subject Matter Expert (SME) for application security in security governance discussions, audits, and compliance efforts. Provide architectural governance, rigorously reviewing projects to ensure strict alignment with the technical strategy, company platform roadmaps, and enterprise standards. Drive both high-level conceptual designs and detailed technical designs, actively partnering with other teams where applicable. Identify opportunities to embrace innovative security technologies, perform rapid Proofs of Concept (POCs) to experiment, and establish guardrails for engineering and product teams. Coach and mentor engineering colleagues on solution architecture and secure development practices, providing advice, mentorship, and assistance as required. Actively participate in team-level and enterprise-wide architecture and engineering discussions, contributing a security-first perspective. Introduce enterprise architectural paradigms and scalable security solutions into the portfolio. Communicate effectively with senior leaders regarding strategic direction and changes in the security architecture landscape. Required Qualifications: 7+ years of progressive experience in application security, software engineering, or security architecture roles. 3+ years of hands-on experience designing and securing applications leveraging core AWS services, including but not limited to IAM, KMS, CloudTrail, VPCs, CodePipeline, and Terraform. Deep understanding of the AWS ecosystem, encompassing Compute (EC2, Lambda, Fargate), Storage (S3, EBS, RDS), Networking (VPC, Load Balancers, Route 53), Data services, and Security services. Profound understanding of the Secure Software Development Lifecycle (SSDLC) and cloud-native application patterns (e.g., microservices, containers, serverless, CI/CD). Demonstrated experience implementing security controls within CI/CD pipelines using tools like Jenkins, GitHub, GitHub Actions, or similar platforms. Expertise in at least one or more modern programming languages (e.g., Python, Java, Go, Node.js). Familiarity with common application security vulnerabilities and frameworks, including OWASP Top 10, SANS CWE Top 25, and various threat modeling methodologies (e.g., STRIDE). Proven ability to effectively communicate complex technical risks and mitigation strategies to both technical and executive stakeholders. At least one current security-related certification such as GDSA, GCAD, GWAT, GWEB, GPEN, GCPN, GXPN, or other equivalent certifications. Preferred Qualifications: Any of the following architecture or cloud certifications are a significant plus: SABSA, TOGAF, AWS Certified Solutions Architect - Professional, AWS Certified Security - Specialty. Experience with other cloud platforms (Azure, GCP). Experience in highly regulated industries (e.g., finance, healthcare). Familiarity with compliance standards (e.g., PCI DSS, HIPAA, FedRAMP). Job Types: Full-time, Permanent Pay: ₹500,000.00 - ₹2,000,000.00 per year Benefits: Health insurance Provident Fund Schedule: Day shift Morning shift Rotational shift Supplemental Pay: Shift allowance Yearly bonus Work Location: In person Application Deadline: 20/06/2025 Expected Start Date: 10/06/2025