Application Security Architect

Summary

Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations more strict, organizations struggle to answer one key question: “Is my data safe?"

At Varonis, we see the world of cybersecurity differently. Instead of chasing threats, we believe the most practical approach is protecting data from the inside out. We’ve built the industry’s first fully autonomous Data Security Platform to help our customers dramatically reduce risk with minimal human effort.

At Varonis, we move fast. We’re an ultra-collaborative company with brilliant people who care deeply about the details. Together, we’re solving interesting and complex puzzles to keep the world’s data safe.

We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.

We’re seeking a Senior Application Security Architect to join the AppSec Security team and help secure Varonis’ products and services across multiple cloud environments. This role is pivotal in embedding security into the software development lifecycle, driving architectural security decisions, and ensuring alignment with industry frameworks such as NIST CSF, OWASP ASVS, MITRE ATT&CK, and CSA Cloud Controls Matrix. You’ll work closely with engineering, product, and compliance teams to proactively manage risk and build secure-by-design systems.

Reporting to: Director of Product Security

Key Responsibilities:

• Lead security architecture design and reviews for cloud-native and hybrid applications.
• Conduct and facilitate threat modeling and secure design reviews for new and existing services.
• Champion Secure SDLC practices and integrate security controls into CI/CD pipelines.
• Evaluate and implement security tooling (e.g., SAST, DAST, RASP, CSPM, SIEM, WAF).
• Perform cloud security assessments and support regulatory compliance (e.g., SOC 2, FedRAMP).
• Collaborate with engineering and product teams to embed security into product roadmaps.
• Guide remediation of vulnerabilities and track risk mitigation progress.
• Participate in penetration testing, red team exercises, and risk assessments.
• Stay current with emerging threats, especially in AI/ML systems and cloud-native architectures.
  
  

• 5+ years in application or product security architecture roles, preferably in SaaS/cloud environments.
• Deep expertise in cloud security (AWS, Azure), including Kubernetes (EKS, AKS).
• Strong understanding of cryptography, TLS, OAuth2, OIDC, SAML, and identity federation.
• Proven experience with OWASP, NIST CSF, MITRE ATT&CK, and CSA CCM frameworks.
• Familiarity with AI security risks and frameworks (e.g., NIST AI RMF, MITRE ATLAS).
• Proficiency in security tooling and automation across the SDLC.
• Solid grasp of Windows and Linux security fundamentals.
• Strong communication and stakeholder engagement skills.
  
  

• Background in software engineering or DevSecOps.
• Certifications: CISSP, OSCP, CCSP, CISM, or equivalent.
• Experience with large-scale SaaS platforms and multi-tenant architectures.
• Familiarity with AI/ML pipelines and securing LLM-based applications.