The Cybersecurity Architect is a senior member of the ABS IT Cyber Security Team responsible for designing, implementing, and evolving enterprise-wide security architectures that safeguard ABS’s digital assets, data, systems, and applications. This role serves as a strategic advisor and technical leader, ensuring that security solutions are aligned with ABS’s business objectives, regulatory requirements, and risk management practices.

The role has a strong focus on application security and secure software development, including code security, software development security practices, and DevSecOps integration across the software development lifecycle (SDLC). The ideal candidate will bring deep technical expertise, business acumen, and a collaborative approach to partner with IT, business leaders, architects, engineers, and development teams in building a resilient and future-ready security posture.

What You Will Do:

• Architecture & Design: Define and maintain the enterprise security architecture, standards, and reference models to ensure consistent, secure, and scalable solutions across ABS, including cloud, on-premise, hybrid, and application environments. Review application, infrastructure, SaaS, cloud, and other designs and architectures from a cybersecurity perspective, leading to a risk and compliance-based architecture review outcome
• Application Security Leadership: Establish and promote application security architecture principles, secure design patterns, and security requirements for internally developed and third-party applications. Work with enterprise architecture to ensure secure, functional foundational platforms for application development.
• Secure SDLC Enablement: Embed security throughout the software development lifecycle by partnering with development and engineering teams to integrate secure coding, code review, threat modeling, and security testing practices.
• DevSecOps Integration: Drive the adoption of DevSecOps practices by integrating security controls, automated code scanning, vulnerability detection, and policy enforcement into CI/CD pipelines.
• Code Security Oversight: Provide guidance on code security practices, including static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), secrets detection, and remediation of vulnerabilities in source code and open-source dependencies.
  Strategic Alignment: Partner with IT and business leaders to embed security into technology roadmaps, digital transformation initiatives, and software product delivery.
• Risk Management: Identify, assess, and mitigate cybersecurity risks associated with applications, APIs, cloud platforms, development pipelines, and business processes.
• Governance & Compliance: Ensure alignment with regulatory frameworks, industry standards, secure development requirements, and ABS security policies.
  Technology Leadership: Evaluate, recommend, and implement emerging security technologies and practices related to application security, cloud security, and software assurance.
• Collaboration & Influence: Provide guidance to engineering, operations, platform, and development teams to integrate security into solution design, development, deployment, and ongoing support.
• Incident Preparedness: Contribute to security incident response planning and support investigations involving application-layer threats, software vulnerabilities, and code-related security issues.
• Thought Leadership: Serve as a subject matter expert, mentor team members, and represent ABS in internal and external cybersecurity forums as required.

What You Will Need:

Education and Experience

• 8+ years of progressive experience in cybersecurity, with at least 3 years in an architecture or senior security engineering role, including meaningful experience in application security, secure software development, or DevSecOps.
• Minimum: Bachelor’s degree in Computer Science, Information Security, Software Engineering, or a related field, or equivalent experience.
• Preferred: Master’s degree in Cybersecurity, Information Technology, Software Engineering, or related discipline.
• Experience in regulated industries such as maritime, energy, or financial services.
• Familiarity with Zero Trust architecture, advanced threat detection, software supply chain security, and emerging technologies including AI/ML in security and OT/ICS security.
• Demonstrated leadership in cross-functional teams and global, multicultural environments.
• Strong communication skills with the ability to influence technical and non-technical stakeholders.
• Experience collaborating directly with software developers, platform engineers, and product teams to improve security maturity across application development and delivery processes.

Knowledge, Skills, and Abilities

• Strong knowledge of security frameworks and standards such as NIST CSF, ISO 27001, CIS Controls, OWASP, and secure software development practices.
• Proven track record in designing and implementing enterprise security architectures across cloud, on-premise, hybrid, and application environments.
• Deep expertise in application security, including secure architecture, threat modeling, secure coding principles, API security, and vulnerability management.
• Hands-on experience with code security tools and practices, including SAST, DAST, SCA, container security scanning, secrets management, and code review processes.
• Strong knowledge of software development, security and integrating security requirements into Agile, DevOps, and CI/CD workflows.
• Demonstrated experience implementing and scaling DevSecOps practices in enterprise environments.
• Working knowledge of cloud security, IAM, encryption, endpoint protection, network security, and modern development platforms.
• Professional certifications such as CISSP, CSSLP, SABSA, TOGAF, CCSP, or other relevant cybersecurity/security architecture certifications are preferred.
• Working knowledge of the ABS Health, Safety, Quality, and Environmental Management System.m.

Reporting Relationships:

Reports to Cyber Defense Engineering group manager. May manage contractors and personnel as needed.

Notice: This position requires access to information that is subject to control by the Export Administration Regulations and/or the International Traffic in Arms Regulations. Any offer of employment shall be contingent upon the Company’s verification that the candidate is a “U.S. Person” or upon the receipt of all necessary export licenses or authorizations that may be required by U.S. export control laws. “U.S. Persons” are defined as U.S. citizens, U.S. lawful permanent residents (i.e., “green card” holders), or any individual granted protected status under the Immigration and Nationality Act (8 U.S.C. § 1324b(a)(3)), including asylees and refugees. In the event a candidate refuses or cannot otherwise provide the necessary information for the Company to determine whether such licenses may be required, or for the Company to obtain any required licenses, the Company shall maintain the exclusive right to discontinue the application process and/or withdraw any contingent offer that has been made.