Job Closed
This listing is no longer active.
Architect II – Application Security (DevSecOps Focus)
Location
United States + 1 moreAll locations: United States | Puerto Rico
Posted
94 days ago
Salary
$112K - $190K / year
Seniority
Mid Level
Job Description
Architect II – Application Security (DevSecOps Focus)
Careers Mutual Of Omaha
This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description - Lead the DevSecOps strategy by defining how application security controls, testing, and policy enforcement are embedded into CI/CD pipelines, including AI-assisted development workflows and agent-driven automation, to support rapid, secure software delivery. - Architect security-by-design patterns for modern and AI-assisted application development, including secure frameworks, reusable controls, and pipeline integrations that developers can adopt with minimal friction. - Partner with engineering and platform teams to integrate security requirements into build, test, deployment workflows, and AI-enabled development workflows, ensuring emerging AI coding practices align with secure SDLC expectations and aligning security outcomes with business and delivery objectives. - Establish security governance and guardrails for AI-driven development trends, including LLM-assisted coding, autonomous DevOps agents, and AI-generated code, ensuring appropriate review, traceability, and risk management as these capabilities expand across the organization in coordination with AI governance and engineering teams. - Design and evolve application security telemetry and detection, ensuring meaningful signals flow into enterprise monitoring and response capabilities while minimizing noise and operational overhead. - Provide architectural leadership and mentorship, working with other Security Architects and cross-functional teams to align AppSec initiatives with enterprise security and technology strategies. Qualifications - Framework fluency, including OWASP Top 10, ASVS NIST CSF 2.021, and MITRE ATT&CK, with the ability to operationalize them within DevSecOps workflows. - Technical Experience: 5–10 years of progressive experience in application development, platform engineering, or application security, with demonstrated ownership of designing and embedding scalable application security capabilities into DevSecOps pipelines. - Strategic application security mindset with the ability to translate risk, threats, and regulatory requirements into practical DevSecOps controls that scale across teams. - Hands-on DevSecOps experience, including integrating SAST, DAST, SCA, IaC scanning, secrets detection, and policy enforcement into CI/CD pipelines. - Strong automation and pipeline integration skills, leveraging scripting, APIs, AI tooling, and security platforms to streamline secure development and reduce manual processes. - Cloud-native application security expertise, including secure design patterns for AWS and SaaS platforms, identity-driven access controls, and secure service-to-service communication. - Influential communication and leadership skills, with experience guiding developers, mentoring engineers, and aligning technical security decisions with business priorities. - Promote a culture of diversity and inclusion, value different ideas and opinions, and listen courageously, remaining curious in all that you do. - Able to work remotely with access to a high-speed internet connection and located in the United States or Puerto Rico. Requirements - Bachelor's Degree in IT Security, Computer Science or related field (preferred). - Security or architecture certifications, such as CISSP, ISSAP, CSSLP, CASP+, CASE or relevant GIAC certifications (preferred). - Proven experience delivering architecture artifacts, such as secure reference architectures, threat models, and developer-facing security standards that improve adoption and consistency (preferred). - Proven experience in CI/CD Pipeline Technologies, such as GitHub, JFrog Xray, Wiz, SonarCube, etc. (preferred). Benefits - Estimated Salary: Minimum: $112,000 MidPoint: $151,000 Maximum: $190,000, plus annual bonus opportunity. - 401(k) plan with a 2% company contribution and 6% company match. - Work-life balance with vacation, personal time, and paid holidays.
Job Requirements
- Framework fluency, including OWASP Top 10, ASVS NIST CSF 2.021, and MITRE ATT&CK, with the ability to operationalize them within DevSecOps workflows.
- Technical Experience: 5–10 years of progressive experience in application development, platform engineering, or application security, with demonstrated ownership of designing and embedding scalable application security capabilities into DevSecOps pipelines.
- Strategic application security mindset with the ability to translate risk, threats, and regulatory requirements into practical DevSecOps controls that scale across teams.
- Hands-on DevSecOps experience, including integrating SAST, DAST, SCA, IaC scanning, secrets detection, and policy enforcement into CI/CD pipelines.
- Strong automation and pipeline integration skills, leveraging scripting, APIs, AI tooling, and security platforms to streamline secure development and reduce manual processes.
- Cloud-native application security expertise, including secure design patterns for AWS and SaaS platforms, identity-driven access controls, and secure service-to-service communication.
- Influential communication and leadership skills, with experience guiding developers, mentoring engineers, and aligning technical security decisions with business priorities.
- Promote a culture of diversity and inclusion, value different ideas and opinions, and listen courageously, remaining curious in all that you do.
- Able to work remotely with access to a high-speed internet connection and located in the United States or Puerto Rico.
- Bachelor's Degree in IT Security, Computer Science or related field (preferred).
- Security or architecture certifications, such as CISSP, ISSAP, CSSLP, CASP+, CASE or relevant GIAC certifications (preferred).
- Proven experience delivering architecture artifacts, such as secure reference architectures, threat models, and developer-facing security standards that improve adoption and consistency (preferred).
- Proven experience in CI/CD Pipeline Technologies, such as GitHub, JFrog Xray, Wiz, SonarCube, etc. (preferred).
Benefits
- Estimated Salary: Minimum: $112,000 MidPoint: $151,000 Maximum: $190,000, plus annual bonus opportunity.
- 401(k) plan with a 2% company contribution and 6% company match.
- Work-life balance with vacation, personal time, and paid holidays.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior Information Systems Security Engineer
Ultra Intelligence & CommunicationsDelivering decision advantage to mission partners worldwide
• Lead implementation and sustainment of NIST SP 800-171 controls and CMMC Level 2 practices. • Develop and maintain compliance artifacts: SSPs, POA&Ms, Asset inventories, boundary definitions, Network and data flow diagrams. • Conduct internal gap assessments and readiness reviews for CMMC. • Support evidence collection and technical walkthroughs during audits. • Translate compliance requirements into actionable technical work items. • Design, implement, and harden on-premise systems supporting CUI environments (Windows/Linux servers, AD/Entra ID hybrid, virtualization, network segmentation). • Implement and tune technical security controls, including: Identity & access management (MFA, least privilege, RBAC), Endpoint security (EDR, device hardening, patching), Vulnerability scanning and remediation, Centralized logging and monitoring (SIEM), Secure configuration baselines (CIS/STIG-aligned). • Partner with IT infrastructure to implement network security controls (firewalls, VLANs, NAC, secure remote access). • Support secure system builds, change management, and incident response in CUI environments. • Help integrate security into on-prem and hybrid architectures (VMware/Hyper-V + cloud where applicable).
Security Engineer – AI Calling
T-Systems International#rethinkthesystem #peoplemakeithappen #LetsPowerHigherPerformance #questiontodaycreatetomorrow
• At the Telco Hub in Madrid, we are pioneers in merging IT and Telco, building and scaling Telco as a Platform (TaaP) on our proprietary layered cloud. • Our teams operate in cross-country and cross-functional squads, delivering cutting-edge services to Europe's most valued Operator. • Our mission is to create the best customer experience based on three core principles: Cloud-based, Automated, and Sustainable. • We work as a DevOps team, taking full responsibility from design and engineering to deployment and operation. • One of our next major challenges is the development of a new AI Calling system, built on DT Technik’s CaaS Kubernetes platform, enabling real-time speech processing and translation within IMS call flows.
Firewall Engineer
CC Pace SystemsCC Pace is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, or any other protected characteristic under federal, state, or local laws. CC Pace is committed to employing only candidates who are legally authorized to work in the United States. CC Pace values integrity throughout our hiring process.
This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We are seeking a Firewall Engineer to manage and support our firewall infrastructure, with a focus on security policy optimization and incident response. Key Responsibilities - Manage Palo Alto and Checkpoint Firewalls - Remediate overly permissive firewall rules - Manage firewalls in Azure environments - Support daily operations of firewall security policies - Participate in incident response and troubleshooting - Work independently on assigned firewall tasks Qualifications - Demonstrated experience managing Palo Alto and Checkpoint Firewalls - Experience with firewall rule remediation and optimization - Experience managing firewalls in Azure environments - Strong ability to work independently - Understanding of Splunk Requirements - Incident response and troubleshooting experience - Proactive approach to firewall security policy management Company Description CC Pace is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, or any other protected characteristic under federal, state, or local laws. CC Pace is committed to employing only candidates who are legally authorized to work in the United States. For us to comply with the Immigration Reform and Control Act of 1986, all new employees, as a condition of employment, must complete the Employment Eligibility Verification Form I-9 and provide documentation that establishes identity and authorization to work. E-Verify will be used for employment verification as part of your onboarding process. CC Pace values integrity throughout our hiring process. As part of our standard verification procedures, candidates will be asked to provide documentation confirming employment history, education, and work authorization.
• Engineer Zero‑Trust access controls across workforce and service identities • Harden privileged access by migrating administrators to right‑size entitlements • Stand up SaaS security posture monitoring for various platforms • Instrument identity metrics collection and tracking • Contribute and drive architecture & standards
