Senior Cybersecurity Architect - Application Security
American Bureau of Shipping (ABS)

The Cybersecurity Architect is a senior member of the ABS IT Cyber Security Team responsible for designing, implementing, and evolving enterprise-wide security architectures that safeguard ABS's digital assets, data, systems, and applications. This role serves as a strategic advisor and technical leader, ensuring that security solutions are aligned with ABS's business objectives, regulatory requirements, and risk management practices.

The role has a strong focus on application security and secure software development, including code security, software development security practices, and DevSecOps integration across the software development lifecycle (SDLC). The ideal candidate will bring deep technical expertise, business acumen, and a collaborative approach to partner with IT, business leaders, architects, engineers, and development teams in building a resilient and future-ready security posture.

What You Will Do:

• Architecture & Design: Define and maintain the enterprise security architecture, standards, and reference models to ensure consistent, secure, and scalable solutions across ABS, including cloud, on-premise, hybrid, and application environments. Review application, infrastructure, SaaS, cloud, and other designs and architectures from a cybersecurity perspective, leading to a risk and compliance-based architecture review outcome
• Application Security Leadership: Establish and promote application security architecture principles, secure design patterns, and security requirements for internally developed and third-party applications. Work with enterprise architecture to ensure secure, functional foundational platforms for application development.
• Secure SDLC Enablement: Embed security throughout the software development lifecycle by partnering with development and engineering teams to integrate secure coding, code review, threat modeling, and security testing practices.
• DevSecOps Integration: Drive the adoption of DevSecOps practices by integrating security controls, automated code scanning, vulnerability detection, and policy enforcement into CI/CD pipelines.
• Code Security Oversight: Provide guidance on code security practices, including static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), secrets detection, and remediation of vulnerabilities in source code and open-source dependencies.
  Strategic Alignment: Partner with IT and business leaders to embed security into technology roadmaps, digital transformation initiatives, and software product delivery.
• Risk Management: Identify, assess, and mitigate cybersecurity risks associated with applications, APIs, cloud platforms, development pipelines, and business processes.
• Governance & Compliance: Ensure alignment with regulatory frameworks, industry standards, secure development requirements, and ABS security policies.
  Technology Leadership: Evaluate, recommend, and implement emerging security technologies and practices related to application security, cloud security, and software assurance.
• Collaboration & Influence: Provide guidance to engineering, operations, platform, and development teams to integrate security into solution design, development, deployment, and ongoing support.
• Incident Preparedness: Contribute to security incident response planning and support investigations involving application-layer threats, software vulnerabilities, and code-related security issues.
• Thought Leadership: Serve as a subject matter expert, mentor team members, and represent ABS in internal and external cybersecurity forums as required.

What You Will Need:

Education and Experience

• 8+ years of progressive experience in cybersecurity, with at least 3 years in an architecture or senior security engineering role, including meaningful experience in application security, secure software development, or DevSecOps.
• Minimum: Bachelor's degree in Computer Science, Information Security, Software Engineering, or a related field, or equivalent experience.
• Preferred: Master's degree in Cybersecurity, Information Technology, Software Engineering, or related discipline.
• Experience in regulated industries such as maritime, energy, or financial services.
• Familiarity with Zero Trust architecture, advanced threat detection, software supply chain security, and emerging technologies including AI/ML in security and OT/ICS security.
• Demonstrated leadership in cross-functional teams and global, multicultural environments.
• Strong communication skills with the ability to influence technical and non-technical stakeholders.
• Experience collaborating directly with software developers, platform engineers, and product teams to improve security maturity across application development and delivery processes.

Knowledge, Skills, and Abilities

• Strong knowledge of security frameworks and standards such as NIST CSF, ISO 27001, CIS Controls, OWASP, and secure software development practices.
• Proven track record in designing and implementing enterprise security architectures across cloud, on-premise, hybrid, and application environments.
• Deep expertise in application security, including secure architecture, threat modeling, secure coding principles, API security, and vulnerability management.
• Hands-on experience with code security tools and practices, including SAST, DAST, SCA, container security scanning, secrets management, and code review processes.
• Strong knowledge of software development, security and integrating security requirements into Agile, DevOps, and CI/CD workflows.
• Demonstrated experience implementing and scaling DevSecOps practices in enterprise environments.
• Working knowledge of cloud security, IAM, encryption, endpoint protection, network security, and modern development platforms.
• Professional certifications such as CISSP, CSSLP, SABSA, TOGAF, CCSP, or other relevant cybersecurity/security architecture certifications are preferred.
• Working knowledge of the ABS Health, Safety, Quality, and Environmental Management System.m.

Reporting Relationships:

Reports to Cyber Defense Engineering group manager. May manage contractors and personnel as needed.

Notice: This position requires access to information that is subject to control by the Export Administration Regulations and/or the International Traffic in Arms Regulations. Any offer of employment shall be contingent upon the Company's verification that the candidate is a "U.S. Person" or upon the receipt of all necessary export licenses or authorizations that may be required by U.S. export control laws. "U.S. Persons" are defined as U.S. citizens, U.S. lawful permanent residents (i.e., "green card" holders), or any individual granted protected status under the Immigration and Nationality Act (8 U.S.C. § 1324b(a)(3)), including asylees and refugees. In the event a candidate refuses or cannot otherwise provide the necessary information for the Company to determine whether such licenses may be required, or for the Company to obtain any required licenses, the Company shall maintain the exclusive right to discontinue the application process and/or withdraw any contingent offer that has been made.

ABOUT US

We set out more than 160 years ago to promote the security of life and property at sea and preserve the natural environment. Today, we remain true to our mission and continue to support organizations facing a rapidly evolving seascape of challenging regulations and new technologies. Through it all, we are anchored by a vision and mission that help our clients find clarity in uncertain times. ABS is a global leader in marine and offshore classification and other innovative safety, quality, and environmental services. We're at the forefront of supporting the global energy transition at sea, the application of remote and autonomous marine systems, cutting-edge technical solutions, and many more exciting advancements. Our commitment to safety, reliability, and efficiency is ever-present, guiding our clients to safer and more efficient operations. About Our Benefits ABS Bureau proudly offers a variety of industry-leading benefits designed to enhance the life and well-being of our employees and their families. These benefits include, but are not limited to, medical insurance (PPO and HD), dental and vision insurance, Health Savings Account (HSA), Flexible Savings Account (FSA), life insurance, accidental death and dismemberment insurance, disability leave programs, parental leave program, paid holidays, and paid vacation time. The Company provides an Employee Assistance Plan (EAP) that offers support in personal wellness, including work-life services. ABS Bureau also offers a 401K plan with a generous company match, subject to plan requirements. Equal Opportunity ABS Bureau is committed to the equal employment opportunity of its employees and prohibits discrimination against any employee or qualified applicant based on race, color, creed, religion, national origin, sex, gender identity, age, disability, marital status, sexual orientation, citizenship status or veteran status, or other non-work-related characteristics that may be protected under the law of the Federal Government or specific state employment laws. Notice ABS and Affiliated Companies (ABS) will not pay a fee to any third-party agency without a valid ABS Master Service Agreement (MSA) authorized and signed by Human Resources. Any resume, CV, application, or other forms of candidate submission provided to any employee of ABS without a valid MSA on file will be considered property of ABS, and no fee will be paid. Other This job description is not intended, and should not be construed, to be an all-inclusive list of responsibilities, skills, efforts or working conditions associated with the job of the incumbent. It is intended to be an accurate reflection of the principal job elements essential for making a fair decision regarding the pay structure of the job. #ogjs

---