Application Security Architect
Title: Senior Application Security Architect
Location: McLean, VA
Target Start Date: ASAP
Type: contract
Pay Rate: DOE

Senior Application Security Architect

The Senior Application Security Architect is responsible for designing, implementing, and governing enterprise-wide application security architecture and standards. This role establishes security frameworks, conducts architecture and design reviews, and leads strategic security initiatives that embed security across the software development lifecycle. The position requires strong technical depth, architectural thinking, and leadership, along with the ability to manage multiple priorities and collaborate effectively across teams.

Responsibilities

- Design and establish enterprise application security architecture frameworks, reference models, and standards aligned with business objectives and risk tolerance
- Lead application and system architecture reviews to identify security gaps and recommend appropriate controls
- Develop and maintain security baselines, standards, and reusable patterns for web, mobile, API, microservices, and cloud-native applications
- Create and evolve threat modeling practices and facilitate threat modeling sessions with development teams
- Define secure coding standards and security requirements based on application type, data classification, and risk profile
- Architect security solutions for authentication, authorization, encryption, and secure communications
- Establish security guardrails for cloud-native, serverless, containerized, and infrastructure-as-code environments
- Design and implement API security strategies, including identity flows, gateways, and rate limiting
- Integrate security architecture principles into CI/CD pipelines to support DevSecOps initiatives
- Evaluate, select, and recommend application security tools and technologies
- Develop security architecture roadmaps and guide implementation of enterprise security capabilities
- Partner with development and platform teams to design secure solutions that balance security and business needs
- Lead cross-functional security initiatives with enterprise-wide impact
- Leverage GenAI technologies to enhance security architecture reviews and automate security analysis
- Maintain documentation of security architecture decisions, patterns, and reference implementations
- Develop and deliver security architecture training and guidance for developers and architects
- Stay current with emerging security threats, technologies, and architectural best practices
- Perform security design reviews for new applications and major system changes
- Architect secure data handling practices, including encryption at rest and in transit

Qualifications

- Bachelor's degree in Computer Science, Information Security, or a related technical field
- 5+ years of experience in application security, including at least 2 years in a security architecture role
- Deep knowledge of secure design principles, threat modeling methodologies, and security architecture patterns
- Experience designing security controls for cloud environments such as AWS, Azure, or GCP
- Proficiency evaluating and implementing application security tools, including SAST, DAST, IAST, and SCA
- Hands-on experience with security testing and proxy tools
- Strong understanding of secure software development practices and DevSecOps implementation
- In-depth knowledge of OWASP Top 10, CWE/SANS, and related security standards
- Experience with authentication and identity technologies including MFA, SSO, OAuth 2.0, SAML, and OIDC
- Experience designing and securing APIs and microservices architectures
- Knowledge of regulatory requirements and their impact on application architecture
- Proficiency in one or more programming languages, preferably Java, Python, or JavaScript
- Experience performing secure code reviews and identifying common vulnerability patterns
- Understanding of cryptographic protocols and secure implementation practices
- Experience supporting modern application architectures such as SPAs, serverless, and container-based systems
- Strong communication skills with the ability to explain complex security concepts to technical and non-technical audiences
- Experience leading cross-functional initiatives and influencing stakeholders
- Relevant certifications such as CSSLP, CISSP, or cloud security certifications are highly desirable

This role is ideal for a strategic security leader who can balance security requirements with business objectives while driving a more mature and resilient application security ecosystem.

Welcome to ConsultNet, a premier national provider of technology talent and solutions. Our expertise spans across project services, contract-to-hire, direct search, and managed services onshore, nearshore, and hybrid.

For over 25 years, we have connected thousands of consultants with meaningful roles through a personal, communication-driven approach, partnering with a diverse client base to build high-performing teams and create lasting impact.

Our comprehensive service offerings cover a wide range of technology and engineering positions across key markets nationwide. Learn more at .

We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.