Senior Application Security

We are looking for an Application Security professional with strong expertise in Threat Modelling and Secure Design to help embed security into the application development lifecycle.

This role works closely with development, architecture, and business teams to identify security risks early and ensure applications are designed securely and in compliance with DLVN standards.

KEY RESPONSILBILITIES

Threat Modelling (35%):

• Lead threat modelling sessions with development and business teams
• Apply methodologies such as STRIDE and PASTA
• Document threats, risks, and mitigation plans

Secure Design (30%):

• Provide security input during application and API design reviews
• Define and promote reusable secure design patterns
• Support developers in integrating security controls early

Collaboration & Enablement (20%):

• Work with Agile teams to embed security requirements
• Deliver training/workshops on secure design and threat awareness
• Communicate security risks clearly to both technical and business stakeholders

Governance & Compliance (15%):

• Ensure threat modelling aligns with SSDLC checkpoints
• Support audits and compliance documentation
• Contribute to improving Application Lifecycle Management and Technology Standards policies.

• Bachelor’s degree in IT, Computer Science, or related field
• 4+ years of experience in application security or secure architecture
• Hands-on experience with threat modelling (STRIDE, PASTA, etc.)
• Strong knowledge of OWASP Top 10 and modern application architectures (APIs, microservices, cloud)
• Excellent communication and facilitation skills
• Experience in DevSecOps environments
• Knowledge of cloud security (Azure/AWS/GCP)
• Security certifications (CISSP, CSSLP, etc.)
• Good command of spoken and written English