The Application Security Architect reports to the Chief Information Security Officer (CISO) within the Enterprise Information Risk and Security team. This role owns and leads Cognism’s Application Security Program, ensuring the protection of applications, systems, and data assets.

The Architect defines and enforces application security policies, standards, and architectures, ensuring alignment with Cognism’s risk profile, compliance obligations, and enterprise security strategy. Acting as a key security advocate, the role partners closely with Product, Technology, Architecture, and Operations leadership to embed security requirements across the full application lifecycle.

This position requires deep technical expertise, strong influencing skills, and the ability to think strategically while driving pragmatic, enterprise-wide security outcomes.

KEY RESPONSIBILITIES:

Application Security Strategy & Leadership - Own and lead Cognism’s enterprise Application Security Program, defining and evolving the application security strategy in alignment with business risk, compliance requirements, and organizational objectives. Champion Security-by-Design and DevSecOps principles across the enterprise.

Architecture, Standards & Design Governance - Define and maintain application security policies, standards, reference architectures, and design patterns. Provide security architecture guidance and design governance across application and platform initiatives, and develop and maintain application threat models integrated into the software development lifecycle.

DevSecOps & Secure Software Development - Define, implement, and continuously improve DevSecOps practices by embedding security controls into CI/CD pipelines and modern delivery models including cloud, containers, SaaS, and Infrastructure as Code. Establish security requirements and control objectives across all phases of solution development.

Risk Management & Advisory - Assess and manage security risks associated with application and system designs, providing expert advisory input on architecture, workflows, data, network, and platform decisions. Ensure applications operate within Cognism’s defined risk tolerance and compliance obligations.

Security Operations & Program Execution - Govern and oversee application-focused security operations initiatives, partnering with project and program management to maintain delivery velocity and drive remediation of identified application security risks.

Collaboration & Stakeholder Engagement - Partner with Product, Engineering, Architecture, and Operations leadership to embed security requirements into enterprise IT strategy. Act as a trusted advisor and advocate for application security, and disseminate enterprise security strategy and guidance across security and technology teams.

CORE COMPETENCIES:

• Clear, concise, and influential communicator

• Strong decision-making and problem-solving skills

• Results-driven with the ability to manage complexity and change

• Strategic thinker with the ability to lead transformation

• Collaborative partner who positions security as a business enabler

• Demonstrates strong commitment to Cognism values and risk-based security principles

EDUCATION & EXPERIENCE:

• Master’s degree in IT or equivalent experience (preferred)

• 10+ years in security engineering or security architecture leadership roles

• Experience building application security programs in modern cloud and SaaS environments

• Strong knowledge of regulatory privacy and security requirements (US & EU)

• Familiarity with industry frameworks and standards (e.g., ISO 2700x, NIST, OWASP, TOGAF)

• Hands-on experience with cloud platforms, CI/CD security tooling, and application security testing

• Proven ability to influence across a matrixed, global organization

CERTIFICATIONS

Must hold or obtain within six months one or more of the following:

• CISSP, CSSLP, CRISC, ISSAP

• AWS Certified Security – Specialty