Key skills
AzureCloudDistributed SystemsDockerKubernetesLinuxSDLC.NETC#CAISaaSCI/CDRisk ManagementCollaboration
About this role
Role Overview
- Define and maintain security reference architectures, standards, and reusable patterns for modern distributed systems and SaaS platforms.
- Lead security design reviews for major platform changes, modernization initiatives, and new service development.
- Create “secure defaults” that reduce risk while improving engineering throughput and consistency.
- Embed secure development practices into how teams plan, build, test, and ship software (AI & automation-first).
- Partner with engineering teams to implement scalable guardrails in CI/CD (policy, validation, prevention) without slowing delivery.
- Improve secure delivery practices including dependency risk management, secrets hygiene, and build/release integrity.
- Drive threat modeling as a standard engineering practice for meaningful architecture changes and new feature development.
- Ensure threats are translated into real mitigations (architecture decisions, code changes, and automated validation).
- Help teams proactively reduce risk by identifying trust boundaries, data flows, and attack paths early.
- Establish secure patterns for containerized systems: image standards, runtime protections, network segmentation, and least-privileged service access.
- Partner with platform engineering on Kubernetes and Azure security posture, including identity boundaries and secure workload patterns.
- Build scalable guardrails that work across environments and teams—security that grows with the platform.
- Build shared libraries, templates, SDKs, and platform components that make secure development the easiest path.
- Contribute directly to production services and platform capabilities when needed to deliver secure patterns quickly.
- Automate security controls and reduce repetitive work through tools and developer experience improvements.
- Drive alignment across Architecture, Engineering, Compliance, and Product to close open audit issues and prevent recurrence.
- Communicate clearly: write actionable guidance, design docs, and decision records that engineers actually use.
- Serve as a trusted security partner—supporting teams with speed, clarity, and pragmatism.
Requirements
- 8+ years of experience in software engineering, including designing and building large-scale systems.
- 4+ years leading application security, product security, or enterprise security architecture in modern software environments.
- Strong development experience in C# / .NET with a track record of shipping real software (not just reviewing it).
- Practical expertise with Linux, Docker, Kubernetes, and cloud-native architecture patterns (Azure preferred).
- Experience implementing secure development practices and operationalizing them across teams.
- Working knowledge of threat modeling practices and how to integrate them into the SDLC.
- Ability to influence engineering orgs through technical credibility, collaboration, and clear decision-making.
- Experience/Exposure to leading AI based SDLC practices
Tech Stack
- Azure
- Cloud
- Distributed Systems
- Docker
- Kubernetes
- Linux
- SDLC
- .NET
Benefits
- Competitive pay
- Robust benefits
- Professional development opportunities