Senior Application Security Architect

State Street
Quincy, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 203K

Job location

Quincy, United States of America

Tech stack

Training Data
API
Artificial Intelligence
Amazon Web Services (AWS)
Applications Architecture
Software System Penetration Testing
Architectural Patterns
User Authentication
Azure
Software as a Service
Cloud Engineering
Computer Security
Continuous Integration
Information Systems Security Architecture Professional
Open Web Application Security
Zero Trust Network Access
Sherwood Applied Business Security Architecture
Secure Coding
Software Engineering
Web Platforms
Enterprise Software Applications
Cloud Platform System
Spring Cloud
Large Language Models
Multi-Agent Systems
Software Security
Model Validation
Generative AI
Infrastructure as Code (IaC)
Togaf
Containerization
AI Platforms
Kubernetes
Information Technology
Cloud Migration
Devsecops
Serverless Computing
Static Application Security Testing
Microservices
Dynamic Application Security Testing

Job description

We are looking for a Senior Application Security Architect. You will be responsible for designing, reviewing, and governing security architectures for enterprise applications, APIs, cloud-native platforms, and AI-enabled systems. You will partner with software engineering, data science, cloud engineering, cybersecurity, and business teams to ensure security is embedded throughout the software and AI development lifecycles.

Why This Role Is Important To Us

The team you will be joining is part of the Security Architecture organization, a function that is critical to protecting the firm's applications, AI capabilities, data, and digital platforms. As applications increasingly leverage AI and machine learning technologies, this role is responsible for ensuring secure-by-design principles are applied consistently across traditional applications, cloud-native services, APIs, and AI-powered solutions.

What You Will Be Responsible For, * Design and review secure architectures for enterprise applications, APIs, cloud-native platforms, AI-enabled systems, and emerging technologies.

  • Define and maintain application security and AI security standards, architecture patterns, and security requirements.
  • Conduct security architecture reviews, threat modeling exercises, and design assessments for applications, APIs, and AI solutions.
  • Partner with application development, cloud engineering, AI engineering, and cybersecurity teams to embed security controls throughout the software and AI development lifecycles.
  • Provide subject matter expertise in secure coding, application security testing, API security, authentication, authorization, AI security, and data protection.
  • Assess security risks associated with applications, AI models, training data, prompts, agents, integrations, and third-party AI services.
  • Drive adoption of secure-by-design, Zero Trust, DevSecOps, and AI security best practices across the enterprise.
  • Evaluate emerging application security and AI security threats, technologies, and industry standards.

Requirements

  • Deep expertise in application security, secure software development, and modern application architectures.
  • Strong understanding of AI/ML security risks, Large Language Models (LLMs), agentic AI systems, prompt injection, model misuse, and AI supply chain security.
  • Experience securing cloud-native applications, APIs, microservices, containers, Kubernetes, and AI-enabled platforms.
  • Strong analytical, problem-solving, and risk assessment skills with the ability to evaluate both traditional and AI-specific security threats.
  • Strong communication and stakeholder management skills with the ability to collaborate across architecture, engineering, cybersecurity, cloud, and data science teams., * Degree in Computer Science, Cybersecurity, Information Technology, Engineering, Data Science, or a related discipline.
  • 14 years or more of experience in application security, software engineering, security architecture, AI security, or related technology disciplines with at least 8 years of hands-on cybersecurity experience preferred.
  • Demonstrated experience designing and securing enterprise-scale applications across cloud, SaaS, hybrid, and on-premises environments.
  • Deep expertise in secure software development lifecycle (SSDLC), OWASP Top 10, API security, secure coding practices, and application security testing methodologies.
  • Strong understanding of AI/ML architectures, LLMs, Retrieval-Augmented Generation (RAG), agentic systems, model security, prompt security, and responsible AI principles.
  • Experience with cloud-native technologies, containers, Kubernetes, CI/CD pipelines, DevSecOps practices, and Infrastructure as Code (IaC).
  • Experience conducting threat modeling, architecture reviews, penetration test remediation, and risk assessments for applications and AI-enabled solutions.
  • Familiarity with SAST, DAST, IAST, software composition analysis (SCA), API security testing, model validation, and AI security assessment techniques.
  • Professional certifications such as CISSP, CSSLP, CCSP, TOGAF, SABSA, AWS Security Specialty, Azure Security Engineer, AI Security, or equivalent certifications are highly desirable.
  • Experience within financial services or other highly regulated industries is preferred., * Experience supporting enterprise application modernization, cloud transformation, DevSecOps, and AI adoption initiatives.
  • Ability to work effectively with application development, AI engineering, cloud engineering, architecture, and cybersecurity teams in a global environment.
  • Limited travel may be required based on business needs.

Benefits & conditions

3.43.4 out of 5 stars Quincy, MA Hybrid work $120,000 - $202,500 a year - Full-time, Pulled from the full job description

  • Health insurance
  • 401(k) matching
  • Paid time off
  • Vision insurance
  • Dental insurance
  • Employee assistance program
  • Disability insurance, Shift: Standard business hours with flexibility to support global stakeholders across multiple time zones.

Salary Range: $120,000 - $202,500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street's comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans., We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you'll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

About the company

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

Apply for this position