{"schemaVersion":"jobsearcher.job.v1","id":"e448b1cb5aca5bd24c145ce1","url":"https://jobsearcher.com/jobs/e448b1cb5aca5bd24c145ce1","canonicalUrl":"https://jobsearcher.com/jobs/e448b1cb5aca5bd24c145ce1","title":"Lead Application Security Architect (Hybrid)","description":"Lead Application Security ArchitectEversource will not offer immigration-related sponsorship for this position. Applicants who require immigration sponsorshipeither now or in the futureshould not apply. This includes, but is not limited to, direct company sponsorship, listing Eversource as the employer of record on immigration documents, or any work authorization that requires company involvement or documentation (e.g., H-1B, OPT, STEM OPT, CPT, TN, J-1, O-1, etc.).\r\nEversource supports work-life balance by offering hybrid schedules for certain roles. Eligibility is based on job responsibilities, operational needs, nature of work and team dynamics. Current guidelines require employees to work at least three days in the office, including Tuesdays and Wednesdays, with the third day set by the employee and supervisor based on department needs. These guidelines apply to roles approved for remote work and are subject to change, based on managerial discretion and work performance. All applicants must be able to work up to five days in the office if needed (for example: emergencies, training, or other business needs) or should the policy change.\r\nAs the Lead Application Security Architect, and as part of the Cybersecurity Architecture team at Eversource, you will lead a team that works alongside other cybersecurity specialists within the Cybersecurity, Network, and Compliance organization. You'll have the opportunity to shape Application Security and collaborate across multiple business lines and technical domains. One of your primary tasks will be a focus on security issues involving secure coding and secure design. You will lead a team and assist others in resolving security issues by offering alternative coding solutions and other means. You will also work with project teams and business management to promote a security mindset. The Lead Application Security Architect will interact closely with the technology and business colleagues associated with projects. They will deliver project level planning, design, and implementation of security solutions and controls related to Secure Software Development Life Cycle (SSDLC) (e.g. code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning). You will aid the firm in remaining at the forefront of industry trends, best practices, and technological advances in application cybersecurity.\r\nEssential Functions:Lead application security for multiple cybersecurity architecture and process implementations across business lines to achieve security objectives.\r\nCultivate security culture with your product technology and business colleagues. Build a vision around the next level of security maturity for application developers, with inputs from the security organization and work with Cyber Security leadership to deliver on that idea.\r\nServe as an application security thought leader. Be recognized in the enterprise as the clear point of escalation and subject matter expert for Application Security and associated IT Risk. Serve as an appsec cyber risk advisor to the leadership team and help prioritize initiatives with the greatest ROI.\r\nFoster a culture of innovation, collaboration, and continuous improvement by developing and maintaining security policies, and testing and evaluating security tools and products.\r\nTechnical Knowledge/Skill/Education/Licenses/Certifications:Technical Knowledge/Skill:\r\n5+ years of senior level Cyber Security experience required.\r\nMust have experience leading mid to large security initiatives and managing small teams within Security.\r\nMust have a background performing cybersecurity code analysis. This includes identifying and resolving false positives, explaining vulnerabilities in simple terms to project teams, and serving as an escalation point for the appsec team.\r\nMust have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.\r\nMust have experience with DevSecOps and Agile methodology.\r\nMust be able to produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management.\r\nExperience with cloud methodology and terminology. Experience working with cloud-based platforms and applications. Experience with Azure is preferred.\r\nExperience with implementing and using static and dynamic analysis tools. Experience using and/or maintaining Checkmarx, Burp Suite, or Contrast preferred. Experience performing or interpreting penetration testing is preferred.\r\nExperience with automating security operations within CICD workflows preferred.\r\nExperience in writing code using a major programming language is preferred. Specifically,.NET.\r\nExhibits an exceptional degree of ingenuity, creativity and/or resourcefulness.\r\nBe familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.\r\nEducation:\r\nBachelor's Degree in Engineering, Computer Science, Data Science, Information Technology or related experience\r\nExperience:\r\n10 years related experience that includes 5 years of Senior level cyber security experience and:\r\nExperience in Cross Domain Solutions\r\nMust have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.\r\nExperience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC, CIP).\r\nExposure to projects using an Agile methodology and DEVSECOPS environment.\r\nExperience leading mid to large security initiatives\r\nLicenses & Certifications:\r\nCertification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect) or prominent independent organization such as ISC2.\r\nIndustry security certifications such as CISSP, CCSP, Azure certifications, HTB Certified Penetration Testing Specialist, or OSCP preferred.\r\nWorking Conditions:Must be available to work emergency restoration assignment as required.\r\nMust be available to travel between MA/CT/NH as necessary.\r\nCompetencies:\r\nBuild trusting relationships\r\nManage and develop people\r\nFoster teamwork and cross-functional collaboration\r\nLead change\r\nCommunicate strategic vision\r\nCreate an engaged workforce\r\nFocus on the customer\r\nTake ownership & accountability\r\nCompensation and Benefits:\r\nEversource offers a competitive total rewards program. Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive. The annual salary range for this position is:\r\n$156,260.00-$173,620.00\r\nWorker Type: Regular\r\nNumber of Openings: 1\r\nEmergency Response: Responding to emergency situations to meet customers' needs is part of every employee's role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.\r\nEEO Statement: Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status. VEVRRA Federal Contractor","company":"Eversource","rawCompany":"eversource","city":"Berlin","state":"CT","isRemote":false,"isActive":false,"createdAt":"2026-04-09T08:18:32.879Z","occupations":[{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"},{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Lead Application Security Architect (Hybrid)","description":"Lead Application Security ArchitectEversource will not offer immigration-related sponsorship for this position. Applicants who require immigration sponsorshipeither now or in the futureshould not apply. This includes, but is not limited to, direct company sponsorship, listing Eversource as the employer of record on immigration documents, or any work authorization that requires company involvement or documentation (e.g., H-1B, OPT, STEM OPT, CPT, TN, J-1, O-1, etc.).\r\nEversource supports work-life balance by offering hybrid schedules for certain roles. Eligibility is based on job responsibilities, operational needs, nature of work and team dynamics. Current guidelines require employees to work at least three days in the office, including Tuesdays and Wednesdays, with the third day set by the employee and supervisor based on department needs. These guidelines apply to roles approved for remote work and are subject to change, based on managerial discretion and work performance. All applicants must be able to work up to five days in the office if needed (for example: emergencies, training, or other business needs) or should the policy change.\r\nAs the Lead Application Security Architect, and as part of the Cybersecurity Architecture team at Eversource, you will lead a team that works alongside other cybersecurity specialists within the Cybersecurity, Network, and Compliance organization. You'll have the opportunity to shape Application Security and collaborate across multiple business lines and technical domains. One of your primary tasks will be a focus on security issues involving secure coding and secure design. You will lead a team and assist others in resolving security issues by offering alternative coding solutions and other means. You will also work with project teams and business management to promote a security mindset. The Lead Application Security Architect will interact closely with the technology and business colleagues associated with projects. They will deliver project level planning, design, and implementation of security solutions and controls related to Secure Software Development Life Cycle (SSDLC) (e.g. code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning). You will aid the firm in remaining at the forefront of industry trends, best practices, and technological advances in application cybersecurity.\r\nEssential Functions:Lead application security for multiple cybersecurity architecture and process implementations across business lines to achieve security objectives.\r\nCultivate security culture with your product technology and business colleagues. Build a vision around the next level of security maturity for application developers, with inputs from the security organization and work with Cyber Security leadership to deliver on that idea.\r\nServe as an application security thought leader. Be recognized in the enterprise as the clear point of escalation and subject matter expert for Application Security and associated IT Risk. Serve as an appsec cyber risk advisor to the leadership team and help prioritize initiatives with the greatest ROI.\r\nFoster a culture of innovation, collaboration, and continuous improvement by developing and maintaining security policies, and testing and evaluating security tools and products.\r\nTechnical Knowledge/Skill/Education/Licenses/Certifications:Technical Knowledge/Skill:\r\n5+ years of senior level Cyber Security experience required.\r\nMust have experience leading mid to large security initiatives and managing small teams within Security.\r\nMust have a background performing cybersecurity code analysis. This includes identifying and resolving false positives, explaining vulnerabilities in simple terms to project teams, and serving as an escalation point for the appsec team.\r\nMust have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.\r\nMust have experience with DevSecOps and Agile methodology.\r\nMust be able to produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management.\r\nExperience with cloud methodology and terminology. Experience working with cloud-based platforms and applications. Experience with Azure is preferred.\r\nExperience with implementing and using static and dynamic analysis tools. Experience using and/or maintaining Checkmarx, Burp Suite, or Contrast preferred. Experience performing or interpreting penetration testing is preferred.\r\nExperience with automating security operations within CICD workflows preferred.\r\nExperience in writing code using a major programming language is preferred. Specifically,.NET.\r\nExhibits an exceptional degree of ingenuity, creativity and/or resourcefulness.\r\nBe familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.\r\nEducation:\r\nBachelor's Degree in Engineering, Computer Science, Data Science, Information Technology or related experience\r\nExperience:\r\n10 years related experience that includes 5 years of Senior level cyber security experience and:\r\nExperience in Cross Domain Solutions\r\nMust have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.\r\nExperience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC, CIP).\r\nExposure to projects using an Agile methodology and DEVSECOPS environment.\r\nExperience leading mid to large security initiatives\r\nLicenses & Certifications:\r\nCertification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect) or prominent independent organization such as ISC2.\r\nIndustry security certifications such as CISSP, CCSP, Azure certifications, HTB Certified Penetration Testing Specialist, or OSCP preferred.\r\nWorking Conditions:Must be available to work emergency restoration assignment as required.\r\nMust be available to travel between MA/CT/NH as necessary.\r\nCompetencies:\r\nBuild trusting relationships\r\nManage and develop people\r\nFoster teamwork and cross-functional collaboration\r\nLead change\r\nCommunicate strategic vision\r\nCreate an engaged workforce\r\nFocus on the customer\r\nTake ownership & accountability\r\nCompensation and Benefits:\r\nEversource offers a competitive total rewards program. Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive. The annual salary range for this position is:\r\n$156,260.00-$173,620.00\r\nWorker Type: Regular\r\nNumber of Openings: 1\r\nEmergency Response: Responding to emergency situations to meet customers' needs is part of every employee's role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.\r\nEEO Statement: Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status. VEVRRA Federal Contractor","datePosted":"2026-04-09T08:18:32.879Z","dateModified":"2026-04-09T08:18:32.879Z","hiringOrganization":{"@type":"Organization","name":"Eversource","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Berlin","addressRegion":"CT","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"e448b1cb5aca5bd24c145ce1"},"url":"https://jobsearcher.com/jobs/e448b1cb5aca5bd24c145ce1"}}