Sr. Application Security Architect

We are seeking a highly skilled and experienced Senior Application Security Architect to join our team.

In this role, you will be part of the Product Security organization within ADP's Global Security Organization (GSO), which plays a strategic role in enabling secure development and supporting the delivery of trusted products, solutions, and services across the entire ADP ecosystem.

As a Senior Application Security Architect, you will partner closely with product, engineering, and cloud architecture teams to design and guide the implementation of secure application architectures.

You will leverage your deep expertise in application security architecture, public cloud platforms (AWS and Azure), and GenAI security to influence design decisions, reduce risk, and champion secure-by-design principles across the organization.

This role is instrumental in helping teams build secure applications, integrate third-party and SaaS solutions responsibly, and elevate ADP's overall security posture through thought leadership, architectural oversight, and proactive engagement throughout the SDLC., * Partner with global product and engineering teams to design, review, and evolve secure application architectures across multi-country environments.

• Influence technical leaders-solution architects, security champions, engineering managers, and developers-to adopt secure-by-design principles and continuously improve security maturity.
• Conduct in-depth security architecture reviews and provide clear, actionable security requirements, design guidance, and validation throughout the entire solution lifecycle.
• Lead and facilitate Threat Modeling activities, leveraging tools such as IriusRisk to help teams create architecture diagrams, identify security risks, define countermeasures, and validate threat coverage.
• Develop and maintain secure architecture patterns, reference architectures, and application security standards, ensuring alignment with industry frameworks (e.g., NIST, OWASP, CIS).
• Embed security across the SDLC, educating product teams on integrating secure coding practices, secure API design, CI/CD security controls, and automated security testing.
• Support secure integration of third-party platforms, SaaS solutions, and cloud-native services, ensuring vendor risk and architecture risks are understood and mitigated.
• Advise on GenAI, LLM, and AI/ML application security, including data protection, model security, prompt injection mitigation, dependency controls, and risk evaluation of AI-driven components.
• Partner with Cloud Architecture teams to ensure consistent application of cloud security controls, identity and access management (IAM), network segmentation, and zero-trust principles across AWS, Azure, and hybrid environments.
• Drive incident response readiness by contributing to architecture-level threat scenarios and ensuring logging, monitoring, and detection capabilities are properly embedded.
• Monitor emerging security threats, technologies, and regulatory requirements to guide continuous improvement of the organization's security architecture posture.
• Communicate complex security concepts to both technical and non-technical stakeholders, enabling informed decision-making at all levels.

• You'll have a bachelor's degree or equivalent., * 8+ years of experience in Application Security, Security Architecture, or related technical security roles.
• Deep expertise in Application Security practices, including secure coding, API security, microservices, container/Kubernetes security, DevSecOps, and security scanning tools.
• Proven experience designing secure application and cloud architectures (AWS, Azure). AWS or Azure Architecture certifications are a plus.
• Strong understanding of GenAI / LLM / Agentic AI security, including data governance, retrieval-augmented generation (RAG), model threats, and secure integration patterns.
• Strong knowledge of security frameworks and standards (e.g., OWASP ASVS, SAMM, NIST 800-53, NIST CSF, ISO 27001, CIS Controls).
• Hands-on experience with Threat Modeling methodologies, tools (e.g., IriusRisk, Microsoft Threat Modeling Tool), and risk assessment techniques.
• Knowledge of identity and access management, OAuth2/OIDC, JWT security, secrets management, key management (KMS), and zero-trust design principles.
• Experience with CI/CD pipeline security (GitHub, GitLab, Azure DevOps, Jenkins) and infrastructure-as-code security (Terraform, CloudFormation, ARM).
• Strong understanding of data security, encryption, privacy-by-design, and secure logging and monitoring practices.
• Excellent communication, collaboration, and stakeholder engagement skills, with the ability to influence and drive security adoption.
• Relevant security certifications are a plus: CISSP, CISM, CCSP, CSSLP, CEH, SANS/GIAC certifications, or cloud security certifications.

Base salary offers for this position may vary based on factors such as location, skills, and relevant experience. Some positions may include additional compensation in the form of bonus, equity or commissions. We offer the following benefits: Medical, Dental, Vision, Life Insurance, Matched Retirement Savings, Wellness Program, Short-and Long-Term Disability, Charitable Contribution Match, Holidays, Personal Days & Vacation, Paid Volunteer Time Off, and more. The compensation for this role is USD $91,900.00 - USD $246,240.00 / Year*

A little about ADP: We are a comprehensive global provider of cloud-based human capital management (HCM) solutions that unite HR, payroll, talent, time, tax and benefits administration and a leader in business outsourcing services, analytics, and compliance expertise. We believe our people make all the difference in cultivating a down-to-earth culture that embraces our core values, welcomes ideas, encourages innovation, and values belonging. We've received recognition for our work by many esteemed organizations, learn more at ADP Awards and Recognition, Ethics at ADP: ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws. We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace. Click https://jobs.adp.com/life-at-adp/ to learn more about ADP's culture and our full set of values.