Director, Application Security Architecture & Threat Modeling
- Innovate with Purpose: Build impactful solutions for customers worldwide.
- Join Excellence: Work in a diverse, collaborative, and innovative team.
- Shape the Future: Lead in redefining revenue optimization.
- Grow Together: Unlock your potential in a supportive environment.
About the Role
We're looking for a hands-on and strategic Director, Application Security Architecture & Threat Modeling to help shape secure-by-design principles across our SaaS platforms, cloud environments, and AI-enabled products.
In this role, you'll partner closely with Engineering, Product, Cloud Operations, Architecture, AI, and Security teams to embed security early in the development lifecycle. You'll lead application security architecture, threat modeling, secure design reviews, and AI security initiatives while helping teams build scalable, resilient, and secure solutions.
This is a highly visible leadership role reporting directly to the VP & Chief Information Security Officer.
What You'll Do
Lead Security Architecture & Secure-by-Design
- Define and execute the Security Architecture and Security-by-Design strategy and roadmap.
- Establish secure reference architectures, design standards, and security patterns for cloud-native and AI-enabled solutions.
- Partner with Engineering and Product teams to embed security into development workflows and system design decisions.
- Drive adoption of secure development, DevSecOps, and AI SDLC best practices.
Drive Threat Modeling & Risk Analysis
- Lead threat modeling activities across critical applications, platforms, and AI-enabled systems.
- Identify architectural risks, attack paths, abuse cases, and trust boundary concerns.
- Translate threats into actionable security requirements and remediation guidance.
- Build reusable threat models, security patterns, and design libraries that scale across engineering teams.
Partner with Engineering Teams
- Guide teams on secure design principles, risk-based decision making, and security tradeoffs.
- Review distributed systems, microservices, cloud-native architectures, APIs, mobile applications, and identity solutions.
- Support remediation efforts and validate architectural fixes for security findings.
Secure Cloud & AI Platforms
- Conduct architecture reviews across AWS, Azure, and IBM Cloud environments.
- Assess containerized, Kubernetes, serverless, and AI-enabled architectures.
- Define cloud security guardrails, governance models, and secure deployment patterns.
- Partner with AI teams to evaluate security risks within LLM-enabled products and agentic workflows.
Influence Across the Organization
- Collaborate with Security, Engineering, Architecture, Legal, Compliance, and Product stakeholders.
- Develop security standards, training, and architecture guidance.
- Communicate architectural risk and security recommendations to technical and executive audiences.
What You'll Bring
- 10+ years of Information Security experience.
- 3+ years of Application Security Architecture and Threat Modeling experience.
- 3–5 years of Software Development or Software Engineering experience.
- Strong understanding of secure application design, cloud security, and modern software architectures.
- Experience with DevSecOps, secure SDLC practices, and AI-enabled development environments.
- Expertise in threat modeling methodologies such as STRIDE, CAPEC, and MITRE ATT&CK.
- Experience securing web, API, mobile, cloud-native, and AI-enabled applications.
- Knowledge of AWS, Azure, or IBM Cloud security architectures.
- Strong communication skills with the ability to influence stakeholders at all levels.
- Certifications such as CISSP, CSSLP, ISSAP, CISM, CRISC, OSCP, or cloud security certifications are considered an asset.
What Success Looks Like
First 90 Days
- Assess current architecture, development processes, and security maturity.
- Build relationships across engineering, architecture, cloud, and security teams.
- Identify high-priority risks and opportunities to improve secure-by-design adoption.
- Establish a roadmap for threat modeling and AI SDLC security initiatives.
6+ Months
- Standardize threat modeling and architecture review processes.
- Embed security requirements into engineering and AI development workflows.
- Expand automated security architecture and design validation capabilities.
Long-Term
- Scale secure-by-design practices across all products and platforms.
- Mature architecture risk management and AI security governance.
- Enable measurable reductions in security risk through proactive design and engineering practices.
For this role, the estimated annual base salary range is between $138,200.00 – $159,800.00 (CAD). In addition to base salary, our compensation package may include bonuses, commissions for eligible sales roles, and a comprehensive benefits package. The actual base salary will vary based on factors including individual qualifications and market data, as objectively assessed during the interview process.
This posting is for a new vacancy.
This hiring process utilizes artificial intelligence tools to assist in candidate screening and assessment. Our AI tools are designed to complement — not replace — human decision-making.
Overview of Benefits:
- Health & Wellness— Comprehensive medical, dental, and vision coverage tailored to your local needs
- Time Off— PTO and public holidays to rest, recharge, and do what matters most
- Volunteer Days— Dedicated time to give back and support the communities that matter to you
- Ignite Days— Dedicated learning days to support continuous growth, skill development, and professional learning
- Financial— Compensation that reflects your market and your value
- Retirement— Retirement plans designed to help you build long-term financial security
- Tuition Assistance— Invest in your growth with support for continuing education and professional development
- Flexibility— Work where you thrive, with remote and hybrid options available across most regions
Create a Job Alert
Interested in building your career at Varicent ? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field

