Application Security Architect

Application Security Architect Our client, a Boston-based financial services firm, has an immediate need for an Application Security Architect to join their team on a 6-month contract to start, onsite 3 days a week in Boston. Compensation can range from $70-80/hr, depending on candidate qualifications. Position Overview We are seeking an experienced Application Security Architect to lead and enhance secure application and cloud-native architecture practices across the organization. This role is responsible for performing application architecture security reviews, leading security risk assessments, defining secure development standards, and partnering closely with engineering and infrastructure teams to integrate security throughout the software development lifecycle (SDLC). The ideal candidate combines deep technical expertise in application and cloud security with strong communication and leadership skills. This individual will serve as a trusted advisor to development, DevOps, infrastructure, and security teams, helping to design and implement scalable, secure solutions in modern containerized and API-driven environments. This is a highly collaborative role with the opportunity to influence enterprise security strategy, modern DevSecOps practices, and secure cloud adoption initiatives. Key Responsibilities Application & Architecture Security Conduct security architecture reviews for new and existing applications, APIs, and cloud-native services to identify risks and recommend mitigation strategies. Lead application security risk assessments and threat modeling exercises for critical business applications and platforms. Define and maintain secure application architecture standards, reference patterns, and security best practices. Guide secure design principles, authentication and authorization models, encryption, secrets management, and secure API development. Cloud & Container Security Design and implement security controls for containerized and Kubernetes-based environments, including OpenShift and Azure Kubernetes Service (AKS). Support secure container runtime practices using technologies such as Docker and Podman. Collaborate with infrastructure and platform engineering teams to strengthen cloud-native security posture across Azure environments. Evaluate and recommend security tooling and controls for Kubernetes, container security, workload protection, and runtime monitoring. DevSecOps & Software Supply Chain Security Partner with development and DevOps teams to integrate automated security controls into CI/CD pipelines and software delivery processes. Support secure development lifecycle (SDLC) initiatives, including security testing, code review processes, and vulnerability remediation workflows. Establish and maintain software supply chain security practices, including Software Composition Analysis (SCA), open source governance, and vulnerability management using tools such as NexusIQ or similar platforms. Guide Infrastructure-as-Code (IaC) security and deployment best practices. API & Application Protection Implement and support API security controls and governance practices using enterprise API management and security solutions. Lead implementation and operational adoption of application protection technologies, including Runtime Application Self-Protection (RASP) solutions such as Contrast Protect. Collaborate with teams to improve application observability, logging, and runtime threat detection capabilities. Security Leadership & Collaboration Develop and maintain application security policies, standards, and procedures aligned with industry frameworks and regulatory requirements. Partner with development teams to remediate vulnerabilities and improve overall security maturity. Deliver security guidance, mentoring, and awareness training to engineering and operational teams. Stay current on emerging threats, vulnerabilities, technologies, and industry trends to continuously improve the organization’s security posture. Qualifications Required Qualifications Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field. 7+ years of experience in application security, including security architecture reviews, threat modeling, and risk assessments. Strong knowledge of secure software development practices and modern application security principles. Experience securing containerized and Kubernetes-based environments, including OpenShift and/or AKS. Experience integrating security into CI/CD pipelines and DevSecOps workflows using platforms such as Jenkins and Azure DevOps. Hands‑on experience with application security testing methodologies and tools, including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA) Penetration testing and vulnerability assessment Experience implementing and managing API security controls and API management platforms. Strong understanding of OWASP Top 10, NIST, CIS benchmarks, and secure architecture principles. Excellent analytical, communication, and problem‑solving skills with the ability to collaborate across technical and business teams. Preferred Qualifications Experience with tools such as Traceable, NexusIQ, Contrast Protect, or equivalent enterprise security platforms. Experience securing Microsoft Azure cloud environments and cloud-native architectures. Familiarity with Infrastructure-as-Code (Terraform, Helm, Bicep) and related security controls. Knowledge of Kubernetes policy enforcement, container runtime security, and software supply chain security practices. Experience securing AI‑enabled platforms and Model Context Protocol (MCP) environments, including governance, secure tool integration, identity controls, and protection of sensitive data and model interactions, is a plus. Relevant industry certifications such as:

CISSP

CCSP

CSSLP

OSCP GIAC security certifications Kubernetes security certifications For immediate consideration, please email a resume to Kenny at View email address on click.appcast.io #J-18808-Ljbffr Daley And Associates, LLC