Senior Application Security Architect

Senior Application Security Architect - EMEA (UK, SP, other)

ADP is hiring a Senior Application Security Architect

Are you empathetic to client needs and inspired by transformation and impacting the lives of millions of people every day?

• Are you looking to join a dynamic, inclusive team environment with a culture of collaboration and belonging?

Well, this may be the role for you. Ready to securely design what's next?

In this role, you will work alongside passionate IT security practitioners and product development teams to enforce and deploy best product security architecture practices.

You will join the Product Security team within ADP's Global Security Organization (GSO) that is delivering consulting services and is responsible for influencing developers and architects in securing ADP's applications and products globally. The application security architects within the team have strong application security skills to design proper security, risk, and privacy controls for ADP applications.

The candidate will intervene as a security referent with R&D teams (architects, product managers, development engineers) to address security issues related to architecture design (cloud and on-prem), development practices, and application vulnerabilities, with a focus on Threat Modeling.

The application security architect will participate in cybersecurity projects or initiatives aimed at improving the security culture among development teams or to deliver new security standards according to the evolution of technologies and risks.

The applicant would be able to conduct technical analysis of application security and business security problems, as well as threats and incidents. You have experience explaining the prioritization of the security controls to be integrated as part of our Secure by Design model that internal teams will understand. As the architect partnered with all R&D teams at ADP, he/she must also have the ability to communicate well, motivate, and influence cross-functional teams.

WHAT YOU'LL DO:

Here's what you can expect on a typical day:

• Consulting: You will provide consulting services to software development teams on existing or new application architectures to help identify security needs, ensure compliance with security standards, and apply secure design patterns and best practices in software development.
• Application Security Architecture Reviews: You will conduct security reviews of ADP solution designs and architectures to identify potential threats and the security controls to implement. This includes using the Threat Modeling methodology, which you will explain to R&D teams. You will make decisions and take initiatives regarding security risks and influence the technical architecture. The solutions to review are ADP developed products which may embed Generative AI features, and also third-party products integrated into ADP's landscape.
• Influence on Developers and Architects: Communicate, gather, and collaborate with developers and architects from ADP development teams to adopt security principles in their practices throughout the software lifecycle.
• Prioritization Skills: You will prioritize technical controls based on the criticality of risks. Ensure that solution architects focus on the most critical standards and controls. Work with global R&D to implement controls and help quickly remediate the most critical vulnerabilities.
• Security Technology: You will participate in strategic projects aimed at providing comprehensive security solutions to enhance the security posture of web applications and APIs, and to apply secure development lifecycle principles (Shift-Left, Security by Design).
• Continuous Learning: Your thirst for learning will help you keep up with the constantly evolving technologies and threat landscape, maintaining your ability to assess new technologies and newly developed products. You are comfortable and thrive in an autonomous role, as this will be essential to your success.
• Policies and Standards: You will collaborate in maintaining and improving policies, standards, and best practices for application security.

TO SUCCEED IN THIS ROLE:

• You have 8+ years of experience in relevant skills gained and developed in the same or similar role.
• Experience in application security architecture in enterprise-class organizations.
• Expertise in application development across multiple languages and platforms.
• Experience in securing cloud environments (AWS, Azure, GCP) and containers.
• Must possess significant knowledge of Application Security, Web Application Design, Information Security, Databases, Common Coding practices.
• Experience creating technical security policies and standards.
• Expertise in building application-level Security, Risk, and Privacy controls into cloud applications.
• Knowledge of data encryption and key management.
• Knowledge of Identity and Access Management systems.
• Ability to perform risk assessments and threat modeling (like STRIDE model).
• Must be able to function in a dynamic environment subject to impromptu changes in schedules and priorities.
• Demonstrate well-developed organizational, written communication, and analytical skills.
• Knowledge of NIST Cybersecurity Framework, OWASP SAMM, OWASP Top10, and others.
• Programming Experience preferred.
• CISSP and other security certifications preferred.

YOU'LL LOVE WORKING HERE BECAUSE YOU CAN:

• Deliver at epic scale. We deliver real user outcomes using strong judgment and good instincts. We're obsessed with the art of achieving simplicity with a focus on client happiness and productivity.
• Be surrounded by curious learners. We align ourselves with other smart people in an environment where we grow and elevate one another to the next level. We encourage our associates to listen, stay agile, and learn from mistakes.
• Act like an owner & doer. Mission-driven and committed to leading change, you will be encouraged to take on any challenge and solve complex problems. No tasks are beneath or too great for us. We are hands-on and willing to master our craft.
• Give back to others. Always do the right thing for our clients and our community and humbly give back to the community where we live and work. Support our associates in times of need through ADP's Philanthropic Foundation.
• Join a company committed to equality and equity. Our goal is to impact lasting change through our actions.

What are you waiting for? Apply today!