Principal Application Security Architect

The Principal Application Security Architect will be responsible for ensuring that security principles and best practices are embedded into the organization's technology landscape.

What You'll Do

• Develop and maintain enterprise-wide security architecture frameworks, standards, and guidelines.
• Lead the design and review of secure systems architecture for cloud, on-premise, and hybrid environments.
• Collaborate with application development, infrastructure, and operations teams to integrate security controls throughout the system development lifecycle.
• Lead adoption of Secure-by-Design by maintaining Shift Left application security quality gates with key DevSecOps stakeholders.
• Conduct security architecture assessments, threat modeling, and risk analysis for new initiatives and existing systems.
• Evaluate emerging security technologies and recommend solutions that align with enterprise security strategy.
• Collaborate with the legal and compliance teams to ensure adherence to relevant laws, regulations, and standards.
• Liaise with external vendors, auditors, and partners to assess and improve the organization's security posture.
• Lead hands-on integration of application security and DevSecOps practices by working directly with development teams to embed secure coding standards, automated security controls, and risk-based guardrails throughout the SDLC and CI/CD pipelines.
• Design and implement cloud and SaaS application security solutions across platforms such as AWS, Azure, Salesforce, Snowflake and enterprise SaaS tools, balancing regulatory requirements, risk management, and developer velocity in a highly regulated environment.

Minimum: Indicate minimum education, skills and experience required.

• Strong knowledge of security architecture principles, frameworks, and best practices.
• Deep understanding of current security technologies, including network security, application security, cloud security, and identity and access management.
• Proven experience in conducting security risk assessments and developing risk mitigation strategies.
• Strong knowledge of industry standards and regulations.
• Exceptional analytical and problem-solving abilities, with a strategic mindset.
• Excellent communication and collaboration skills, with the ability to effectively interact with stakeholders at all levels of the organization.
• Must have recent agile application development and TDD experience.
• Demonstrated, hands-on experience recommending and implementing secure coding practices, application threat modeling, and integration of security tooling into agile development workflows.
• Experience defining and operationalizing application security in cloud or SaaS environments, with the ability to grow into broader platform, vendor, and enterprise integrations over time as part of the role.

Preferred: Indicate "nice to haves" regarding education, skills, and experience.

• Bachelor's degree in Computer Science, Information Technology, or a related field. A Master's degree is preferred.
• 8+ years of experience in security architecture, information security, or a related field, focusing on enterprise-scale environments.

The Americans with Disabilities Act

The Americans with Disabilities Act of 1990 (ADA) prohibits discrimination by employers, in compensation and employment opportunities, against qualified individuals with disabilities who, with or without reasonable accommodation, can perform the "essential functions" of a job. A function may be essential for any of several reasons, including: the job exists to perform that function, the employee holding the job was hired for his/her expertise in performing the function, or only a limited number of employees are available to perform that function.

• Competitive base salaries
• Bonus incentives
• Generous PTO, Floating Holidays and 12 Federal Holidays observed
• Support for financial-well-being and retirement 401k with employer match
• Comprehensive medical, dental, vision, hospital indemnity, critical illness, pet insurance and more
• Employer paid short-term/long-term disability and basic life insurance
• Flexible hybrid working arrangements.
• Paid parental leave and adoption reimbursement programs
• Free access to on-site staffed fitness centers (in Delaware) and gym subsidy (for locations outside Delaware)
• Confidential counseling support (EAP), Health Advocacy services and Wellness program with financial incentives
• Tuition Reimbursement and Family Scholarship Programs
• Career development and training opportunities

When you join Sallie Mae, you become a champion for all students. We're on a mission to power confidence as students begin their unique journey. To help them plan their higher education, successfully finish, and prepare for life after school. To help them Start smart. Learn big. Students need guidance navigating this important time in their life. They need someone who acknowledges that their education path is unique. They need a partner willing to evolve and not only meet but surpass their expectations. We're changing. Because students need a better way. We're looking for people who are excited to drive this transformation. To break barriers and think of new ways to adapt, help, and create better experiences for students-and for each other. This is where diverse backgrounds, beliefs, and perspectives matter. It's where you're empowered to bring your authentic self to work. Feeling your best allows you to do your best. Our benefits take care of the whole you-from physical and mental to financial and professional. You'll get opportunities to further your education and career, support for you and your family (including your pets!), paid time off to volunteer for the things that matter to you, and more. We're obsessed with impact and making a real difference. For us, that means putting relationships first, asking "why not?" when tackling challenges, and continuously learning new skills. Come do more than join something, change something. For students, for future generations, for the future of education.