Product Security Architect

Summary

Join BeyondTrust as a Product Security Architect to design and implement secure software products and services. Collaborate with engineering, architecture, and product teams to integrate security into all phases of the SDLC. Lead threat modeling, provide architectural guidance, and mentor senior application security engineers. Establish and expand a Security Champions program to foster a security-first culture. Contribute to the evolution of security architectural patterns, threat modeling frameworks, and secure coding guidelines. Translate emerging threats into actionable guidance and participate in vendor/tool evaluations. Measure the impact of secure design practices through metrics and dashboards.

Requirements

• 8+ years of experience in application or product security, with at least 3 years in a security architecture or advisory role
• Deep understanding of modern application architectures (cloud-native, microservices, APIs, containers)
• Strong experience with threat modeling, architecture risk analysis, and secure design patterns
• Demonstrated success in influencing engineering teams without direct authority
• Hands-on experience with application security testing methodologies and tooling (e.g., SAST, SCA, DAST, IAST)
• Working knowledge of secure development practices and SDLC integration
• Familiarity with AWS security best practices and/or similar cloud environments
• Strong communication skills with both technical and executive audiences
• Proven ability to lead cross-functional security initiatives and drive cultural change
• A builder mindset with the ability to create programs, frameworks, and influence at scale

Responsibilities

• Lead threat modeling efforts across key products and services, collaborating with engineering teams to proactively identify and mitigate design risks
• Drive secure design consultations by partnering with product architects and developers on new feature development, architecture reviews, and major refactors
• Establish and scale a Security Champions program, empowering developers to take ownership of security within their teams
• Mentor and guide senior application security engineers, helping them grow in technical depth and impact
• Serve as a thought leader for product and application security, influencing both strategy and day-to-day decision making
• Evangelize and foster a security-first culture by conducting workshops, brown bags, and embedding security touchpoints into development processes
• Collaborate with engineering and DevSecOps to ensure security practices are embedded in CI/CD, infrastructure-as-code, and cloud-native workflows
• Create and evolve security architectural patterns, threat modeling frameworks, and secure coding guidelines
• Translate emerging threats into actionable guidance for engineering and product teams
• Participate in vendor/tool evaluations for secure design, architecture validation, and developer enablement
• Contribute to security metrics and dashboards to measure adoption, maturity, and impact of secure design practices

Preferred Qualifications

• Master’s degree in Computer Science, Information Security, or a related field
• Experience designing or operating a Security Champions program
• Experience in security training, enablement, or developer coaching