Application Security Architect

IT Architect

At Jabil (NYSE: JBL), we are proud to be a trusted partner for the world's top brands, offering comprehensive engineering, supply chain, and manufacturing solutions. With 60 years of experience across industries and a vast network of over 100 sites worldwide, Jabil combines global reach with local expertise to deliver both scalable and customized solutions. Our commitment extends beyond business success as we strive to build sustainable processes that minimize environmental impact and foster vibrant and diverse communities around the globe.

Job Summary

Provides technical leadership and is responsible for determining the direction for the IT architecture, standards, design and implementation approaches for the company's application systems, infrastructure and/or network-based cloud product systems. Creates, evaluates and implements plans and design proposals for high impact IT solutions and their use involving leading edge technologies and methods considering key factors such as their long-term effectiveness (service delivery and cost), practicality, technical limitations and criticality. This is an expert-level role requiring independent action to establish methods and procedures on new and/or special assignments.

Essential Duties and Responsibilities

IT Architect

Program Management

• Design, build and integrate an enterprise SSDLC program within existing enterprise SDLC and CI/CD processes
• Develop and lead an Application Security domain roadmap and manage related strategy and planning activities

Standards Management

• Be responsible for the management of enterprise application and software security standards and promote their use and enhancement with new or existing solutions
• Experience and understanding of OWASP Top 10 for LLMs and Gen AI
• Experience and understanding of NIST AI RMF
• Influence the integration of application security principles in the solution design, processes, and standards, based on business, regulatory, or customer requirements.
• Provide architectural and design guidance, analysis, and direction, for enterprise-wide key projects and strategic initiatives as it relates to the information security and privacy. Find common ground and gain cooperation when conflicts arise and provide process improvements.
• Provide support and guidance to development teams on complex application security designs and vulnerabilities
• Training
• Promote Secure Software Development practices to development teams
• Lead and conduct secure software development training and awareness sessions for development teams
• Tools
• Provide Subject Matter Expertise for all application security technologies (SAST,DAST,SCA,WAF,etc) with heavy participation in key decision-making processes for the acquisition of current/new technologies
• Experience and understanding of how to leverage AI technologies (Kiro, Amazon Q, Amazon Bedrock etc)
• Knowledge and experience with AI Security Platforms (Zenity, PA AIRS, etc) is a plus
• Maintain a relationship with key Third-Party vendors, such as software security vendors to provide support to the infrastructure as needed.

Know and understand Jabil business strategy

Know and understand Jabil IT strategy & objectives

Define the overall solution architecture consistent with Jabil's methodology

Be responsible for the technical solution by providing leadership for the customer, project manager, domain architects, domain specialists and application engineers to advance and deliver solutions

Consult and Inform Enterprise Architects and Senior IT Architects to design and deliver solutions

Earn trust of clients and management

Assess merits of alternative technical approaches and gain consensus for best approach

Learn, follow, promote, and improve recognized methodologies to design and deliver solutions

Ensure that the non-functional requirements are satisfied including, but not limited to, security, disaster recovery, availability, and performance

Researches technology and industry trends to hone both personal and Jabil's competitive edge

Through modeling or prototyping, validate solution prior to full implementation

Develop expertise in one of the following disciplines: Enterprise Architecture, Business Architecture, Information Architecture, Application Architecture, Technology Infrastructure Architecture

Mentor IT professionals

Management Practices

• Develop project plans and influence project organization
• Apply recognized system sizing methodology
• Vet change(s) with respect to scope, schedule, cost, risk, etc.
• Cross train staff to reduce delivery risk
• Define processes & methods necessary to support delivery/deployment
• Define management tools to support production environment

Continuous Improvement

• Utilize Lean Six Sigma or other methods to identify & provide guidance on organizational improvement opportunities
• Perform root cause analysis and remediation actions
• Contribute to Jabil IP though development and submission of patents

Policy & Procedures

• Comply with IT policy, procedure, and process
• Adhere to all safety and health rules and regulations associated with this position and as directed by supervisor
• Comply and follow all procedures within the company security policy

Training & Development

• Define technical job content & qualifications of key roles required to support technical infrastructure
• Work closely with management to assess and aid the development of staff skill sets
• Assist management to assess and help resolve staffing knowledge gaps

Communication

• Publish and present to customers, IT leaders and business executives
• Engage with vendors and third parties as needed
• Organize verbal and written ideas clearly and use an appropriate business style
• Ask questions; encourage input from staff
• Develop peer relationships with Senior IT Architects

Management & Supervisory Responsibilities

• Typically reports to management.
• The purpose of this role is not primarily managerial, and the job is typically NOT directly responsible for managing employees (e.g., hiring/termination and/or pay decisions, performance management).

Job Qualifications

Knowledge Requirements

• Knowledge and experience in designing and building Secure SDLC program for a large enterprise
• Knowledge and experience in building secure development practices within CI-CD/DevOps processes
• Understanding of all architectural components and their interrelationships
• Knowledge of Software Engineering and Architectural Principles and methods
• Knowledge and experience in identification and mitigation of cyber security gaps within internally developed LLM, GenAI and Agentic AI models
• Knowledge and experience in performing risk assessments of LLM, GenAI and Agentic AI models
• Deep understanding of the relationship between application design, data, and infrastructure environments. Demonstrated experience working across security competencies, such as Identity and Access Management, Cloud Security, Data Security, and Application Security.
• Strong understanding of secure software development practices and technologies, including vulnerability detection/identification/remediation. · Strong and intimate knowledge of threat modeling (OWASP, MITRE).
• Strong understanding and experience of application vulnerabilities and remediation techniques
• Knowledge and experience with compliance & application security standards across the enterprise IT landscape; deep understanding of enterprise risk management methods and techniques to drive successful outcomes in a multi-national environment
• Experience and knowledge of enterprise DAST/SAST/SCA solutions (SNYC, BURP preferred), their deployment and adoption within large enterprises
• Experience and knowledge of managing WAF technologies
• Understanding of all architectural components and their interrelationships
• Knowledge of Software Engineering and Architectural Principles and methods
• Solid presentation and written communication skills
• Good judgment and the ability to handle stressful situations
• Team lead experience in application development
• Knowledge and experience of one or more languages e.g., Java, C#, etc.
• Knowledge and experience with server-side technologies
• Knowledge and experience with client-side technologies e.g., Node, Angular
• Knowledge and experience working in an Agile methodology
• Knowledge of SOA, including REST, SOAP, API Management, and other integration patterns e.g. ESB, EIP, etc.
• Knowledge of relational databases and SQL
• Knowledge of UML or ArchiMate
• Knowledge of cloud technologies
• Ability to define problems, collect data, establish facts, and draw valid conclusions

Education & Experience Requirements