Application Security Architect

HybridSalary not specified
Croatia

Job Description, Responsibilities & Requirements

About the Position

EPAM is looking for an Application Security Architect to join the Security practice to work directly with our biggest enterprise customers.

Responsibilities

  • Lead and coordinate Security Audits across the software development lifecycle: from Architecture, Process, Risk to Testing
  • Establish secure software development lifecycle (SSDLC) programs
  • Support software development teams in secure development methodologies, tools, and processes
  • Train Software Development teams in the areas of secure development
  • Build Secure Architecture and Design for the projects
  • Communicate with customers and teams, be able to convey the message about the importance of Secure Software Development Life Cycle, the ways of establishing it
  • Cooperate with all sub-teams: BAs, Developers, QAs; build consistent understanding of Security Requirements, main Threats, Mitigations implemented
  • Be able to communicate and coordinate work with other Security Teams – Cloud Security Engineers, Infrastructure Security Engineers, or Penetration Testers

Requirements

  • Software Development or Security-focused university degree OR equivalent experience
  • Motivation to develop and grow in the field of Security
  • Familiarity in one or more Security Development methodologies (e.g. Microsoft SDL, OWASP OpenSAMM, BSIMM, etc.)
  • Familiarity with Threat Modeling, hands-on experience with one or more Threat Modeling Tools
  • Understanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Security Code Review
  • Familiarity with security threats, their implementation, and their classification
  • Understanding of main security concepts and principles
  • Understanding of main areas of protection and levels of defense

Nice to Have

  • Knowledge of cybersecurity tools within categories such as Static Code Analysis, Penetration Testing, and Intrusion Detection/Prevention
  • Understanding of Security Features and Mechanisms within one or more OS or development platforms/technologies
  • Skills in implementing mitigation mechanisms for different types of threats
  • Competency in working with established security standards and regulations and implementing their requirements
  • Familiarity with foundational principles of infrastructure security and penetration testing
  • Expertise in cloud security controls and policies
  • Relevant certifications like CISSP, CCSP, SANS GIAC, or similar qualifications are beneficial
  • Background in Cloud Security

Locations

  • City: Remote
  • Country: Croatia
  • Remote: Yes

Languages

  • English: Advanced

Job Details

Company name:
EPAM
Location:
Croatia
Work Mode:
Hybrid
Posted on TheJob:
Apr 6, 2026
Last checked:
Jul 6, 2026
Apply Now
© 2026 TheJob, Inc. All rights reserved.