We are seeking an experienced and hands‑on Cloud Product Security Architect to join a high‑performing security function supporting enterprise banking products and platforms.
This role will act as a lead security engineer responsible for safeguarding web, mobile, thick‑client, and distributed application environments through proactive security design, architecture assurance, and embedded security engineering practices.
The successful candidate will work closely with engineering, architecture, and product teams to reduce technical security risk, drive secure‑by‑design principles, and ensure robust security controls are implemented across cloud‑native and distributed systems.
This is a highly technical role suited to someone who enjoys deep engagement with engineering teams and operating within modern agile and DevSecOps environments.
Key Responsibilities
Security Architecture & Assessments
Conduct hands‑on security assessments across applications, platforms, and systems using secure‑by‑design principles
Perform threat modelling and architecture reviews to identify:
Design flaws
Cloud misconfigurations
Application security risks
Provide practical remediation guidance and embedded security recommendations
Security Control Design
Design and recommend security controls directly within application and platform architectures, including:
Identity and access management
Cryptographic protections
Network segmentation and isolation
Runtime security controls
Support secure architecture across cloud and distributed environments
Operate within agile engineering environments, embedding security into iterative delivery processes
Drive DevSecOps and Shift‑Left security practices across development teams
Support and validate automated security testing and compliance controls, including:
SAST
SCA
DAST
Collaborate closely with engineering teams to improve secure software development practices
Cloud Security & Governance
Lead the implementation and management of CSPM (Cloud Security Posture Management) capabilities
Continuously monitor and assess cloud environments for vulnerabilities and misconfigurations
Partner with security, infrastructure, and engineering teams to ensure adherence to security standards and regulatory requirements
Required Experience & Skills
6–8+ years’ experience focused on Product Security and Cloud Security
Previous experience working within financial services or highly regulated environments preferred
Strong understanding of secure application architecture and cloud security best practices
Hands‑on experience with application security tooling, including:
CodeQL
Veracode
Checkmarx
SonarQube
Experience implementing and supporting DevSecOps practices within engineering teams
Strong understanding of cloud‑native architectures and distributed systems
Experience conducting threat modelling, architecture reviews, and security assessments
Strong stakeholder engagement and communication skills with the ability to work directly with engineering and senior technical teams
Nice to Have
AWS or Azure Cloud Security certifications
Experience working with CSPM platforms
Exposure to banking, fintech, or enterprise‑scale digital product environments
Familiarity with API security and zero‑trust architecture principles
Personal Attributes
Hands‑on and technically curious
Proactive and solutions‑oriented
Strong collaborator with engineering and architecture teams
Comfortable challenging designs and driving security improvements
Able to balance security risk with practical delivery outcomes
#J-18808-Ljbffr