4224 IT & Software Developer jobs in the US
AVP, Product Security Architect
$115,000 - 115,000
Synchrony Financial
Long Ridge Road 777, Stamford
$115,000 - 115,000
Requirements
Must:
- 7+ years in security architecture/engineering, focusing on application/product security in modern software environments.
- Proven ability to influence at the enterprise level, establishing standards and driving cross-team collaboration.
- Strong hands-on expertise in application and service security fundamentals, including authentication, authorization, session/token management, cryptographic concepts, secrets management, secure logging/monitoring design, and secure data management.
- Demonstrated experience in leading threat modeling efforts and creating robust architecture documentation (DFDs, trust boundaries, security requirements, risk assessments).
- Extensive knowledge of API security and common web/service vulnerabilities (e.g., OWASP Top 10 / API Security Top 10), with the capacity to translate risks into enforceable security patterns.
- Exceptional communication skills, capable of clearly articulating concepts to engineering teams and senior management, and producing high-quality architecture documentation.
- Proven track record of embedding security within product planning, influencing roadmaps, defining security requirements, and enhancing time-to-market through established best practices.
- Experience securing and integrating SaaS applications, including considerations for SSO/federation (SAML/OIDC), tenant/data isolation, audit logging, and shared responsibility alignment.
- Experience implementing service-to-service security patterns at scale, including workload identity, mTLS, authorization, and policy-as-code concepts.
- Familiarity with operationalizing security standards into engineering resources like shared libraries, templates, reference implementations, and runbooks.
- Knowledge of CI/CD-based security methodologies (SAST/DAST/SCA, secrets scanning, gating/exception workflows) and vulnerability management practices.
- Experience working within regulated environments, aligning architecture controls with established policies/standards.
- Preferred certifications: CISSP, CCSP, CSSLP, or equivalent.
- Ability and willingness to travel for business as required.
Responsibilities
- Establish the direction for product security architecture for designated portfolios, ensuring alignment of security architecture decisions with our technology strategy and risk appetite.
- Own and refine the Application Security Blueprint, which includes enterprise security standards, reference architectures, reusable patterns, and guardrails for consistent secure engineering.
- Act as a strategic collaborator with product and engineering leaders, influencing roadmaps and operating procedures to incorporate security as a core element of our processes.
- Lead architecture governance for application security by establishing review criteria, conducting design reviews, and overseeing remediation plans.
- Spearhead threat modeling initiatives by defining methodologies, setting expectations, and facilitating discussions for high-risk projects while documenting trust boundaries and security requirements.
- Define and standardize API security architectures, covering authentication/authorization, token strategies, schema validation, anti-automation, and rate limiting patterns.
- Define security control patterns for service-to-service communications in distributed systems, focusing on workload identity, authorization, mTLS, secrets management, and policy enforcement.
- Promote secure SDLC and platform controls, ensuring that engineering teams have the necessary security requirements, pipeline guardrails, and configuration guidelines.
- Set measurable outcomes for security initiatives and provide executive-level reporting on architecture risks and improvements.
- Mentor engineers and architects, enhancing their secure design capabilities and fostering better security decision-making through documentation and resources.
- Carry out additional duties or special projects as assigned.
Description
At Synchrony, we are committed to providing inclusive environments where individual skills and experiences are valued. As we seek an AVP, Product Security Architect, you will play a pivotal role in our application and SaaS ecosystem, setting high-level security architecture standards and guiding our teams toward secure-by-design practices. With a focus on collaboration and strategic influence, you will ensure that security is integrated into our product strategy and delivery processes effectively. We offer a competitive salary with an annual bonus potential and numerous benefits designed to support our employees. Join us in our mission to cultivate a workplace where everyone can belong, connect, and thrive.
Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️
You can find Software Architect salaries in the United States here.
How many Software Architect jobs are in the United States?
Currently, there are 4224 Architect openings. Check also: Cloud jobs, Security jobs, ElasticSearch jobs - all with salary brackets.
Is the US a good place for Software Architects?
The US is one of the best countries to work as a Software Architect. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.
Which companies are hiring for Software Architect jobs in the United States?
D3 Security Management Systems, The Dufresne Group (TDG), GINGER Telecom, GE Aerospace, AMZ Prep, Seakeeper, Inc., Safe Ship Moving Services among others, are currently hiring for Architect roles in the United States.
The company with most openings is Judge Group, Inc. as they are hiring for 303 different Software Architect jobs in the United States. They are probably quite committed to find good Software Architects.
The company with most openings is Judge Group, Inc. as they are hiring for 303 different Software Architect jobs in the United States. They are probably quite committed to find good Software Architects.