Application Security Architect

ADP is hiring a Senior Application Security Architect - EMEA

Position Description

In this role, you will work alongside with passionate IT security partitioners and product development teams to enforce and deploy best product security architecture practices.

You will join the Product Security team within ADP's Global Security Organization (GSO) that is delivering consulting service and responsible for influencing developers and architects in securing ADP's applications and products globally. The application security architects within the team have strong application security skills to design in proper security, risk, and privacy controls to ADP applications.

The candidate will intervene as a security referent with R&D teams (architects, product managers, development engineers) to address security issues related to architecture design (cloud and on-prem), development practices, application vulnerabilities, with a focus on Threat Modeling.

The application security architect will participate in cyber security projects or initiatives aimed at improving the security culture among development teams or to deliver new security standards according to the evolution of technologies and risks.

The applicant would be able to conduct technical security analysis of application hosted in the cloud (AWS, Azure) or on-prem. You have experience explaining the prioritization of the security controls to be integrated as part of our Secure by Design model that internal teams will understand. As the architect partnered with all R&D teams at ADP, he/she must also have the ability to communicate well, motivate and influence cross functional teams.

• Collaborate with product teams in a multi-country environment to design and implement secure application architectures.
• Influence security champions, engineers, and other technologists to adopt secure functionality and strengthen security maturity.
• Utilize Threat Modeling tools to guide teams in creating architecture diagrams and identifying potential threats and countermeasures.
• Conduct security assessments and provide recommendations for remediation.
• Define secure architecture design patterns and application security best practices.
• Educate product teams on integrating security capabilities throughout the Software Development Life Cycle (SDLC).
• Assist in securely integrating third-party solutions into our existing systems.
• Stay updated on the latest security trends, threats, and technologies to continuously improve our security posture.

• Bachelor's degree in computer science, Information Security, or a related field.
• You have 10+ years of experience in IT environment related to product development and infrastructure.
• You have experience in leading IT security projects and experience in product management including practices related to Secure Software Development Life Cycle.
• You have expertise in application security architecture and public cloud architecture (AWS, Azure).
• AWS Architecture Certification is a plus.
• You have knowledge in GenAI security and its implications for application security.
• You have experience with Threat Modeling method and tools like IriusRisk.
• You have good understanding of security frameworks, standards, and best practices (NIST Cybersecurity Framework, OWASP SAMM, OWASP Top10, and others).
• You have excellent communication and collaboration skills, with the ability to explain complex security concepts to non-technical stakeholders.