Appsec & Ai Security Architect

AppSec AI Security Architect This role has been designed as Onsite with an expectation that you will primarily work from an HPE office Who We Are Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work We help companies connect protect analyze and act on their data and applications wherever they live from edge to cloud so they can turn insights into outcomes at the speed required to thrive in today s complex world Our culture thrives on finding new and better ways to accelerate what s next We know varied backgrounds are valued and succeed here We have the flexibility to manage our work and personal needs We make bold moves together and are a force for good If you are looking to stretch and grow your career our culture will embrace you Open up opportunities with HPE About our Cybersecurity Team Are you ready to make an impact at one of the world s leading tech companies HPE s Cybersecurity team is where you can do just that HPE s Cybersecurity organization is where innovation meets trust We re looking for a seasoned Application Security Architect to join our Security Architecture practice helping to secure the applications APIs and digital platforms that power HPE s global business If you re passionate about secure software design enabling DevSecOps at scale and shaping how security is embedded into enterprise and AI-enhanced applications this is the role for you As an Application Security Architect at HPE you ll be responsible for defining and governing secure application architecture patterns conducting design and threat reviews and partnering with engineering and product teams to embed security-by-design into the development lifecycle You will primarily focus on application API and DevSecOps security while also contributing to secure adoption of AI technologies where relevant ensuring new AI-enabled systems meet enterprise standards for data protection privacy and model integrity About You You are an experienced application security professional with a strong grasp of software architecture and secure SDLC principles You can analyze complex architectures identify design-level risks and provide clear actionable recommendations You also bring awareness of AI ML and LLM integration risks such as model input validation prompt injection and data handling You thrive in collaboration working with developers architects and engineering teams to make secure design decisions practical scalable and developer-friendly What you ll do Key Responsibilities Defining and maintaining secure application architecture patterns reference designs and reusable components across enterprise and cloud-native ecosystems Performing architecture risk assessments and threat modeling for major application programs APIs and platforms Leading adoption of Web Application and API Protection WAAP controls and Application Security Posture Management ASPM tools to enable continuous risk visibility and compliance Embedding security controls in SDLC and CI CD pipelines including SAST DAST SCA IaC and container scanning Designing and governing security for Kubernetes-based and containerized workloads including service mesh and runtime protection Developing and enforcing standards for API and microservices security including authentication authorization and token lifecycle management OAuth2 OIDC mTLS Establishing secure-by-default configurations for CI CD and GitOps pipelines e g ArgoCD Flux Jenkins GitHub Actions Partnering with engineering teams to design secure cloud-native and hybrid architectures across AWS Azure and GCP Providing security guidance for applications leveraging AI ML or LLM capabilities such as input output sanitization model integrity and data protection Establishing application security KPIs governance models and maturity metrics Contributing to secure SDLC frameworks DevSecOps enablement and developer awareness programs Mentoring engineers developers and junior architects in secure coding and secure design practices What you need to bring Education Experience Requirements Bachelor s or Master s degree in Cybersecurity Computer Science or Engineering 10 years of experience in application or product security architecture preferably in large enterprise or SaaS environments Proven expertise in secure application and API design cloud-native security and DevSecOps enablement Proven expertise in secure application and API design WAAP and ASPM solutions Strong experience with Kubernetes K8s containerization and service mesh architectures Hands-on experience implementing or governing GitOps pipelines and policy-as-code frameworks e g OPA Gatekeeper Kyverno Knowledge of Zero Trust data protection and modern identity standards OIDC OAuth2 Familiarity with AI ML security risks model governance and responsible AI adoption Deep knowledge of OWASP ASVS NIST CSF ISO 27034 and CIS Controls Desired Certifications CISSP CSSLP SABSA CCSP CKA Certified Kubernetes Administrator or CCSK Impact Strengthen HPE s application and platform security posture across modern DevSecOps and GitOps ecosystems Drive automation-first security through architecture code and continuous validation Enable faster safer software delivery by embedding security directly into developer and platform workflows Support responsible and secure integration of AI and ML technologies into enterprise applications Contribute to a unified Security Architecture practice advancing HPE s global secure-by-design strategy Cybersecurity Additional Skills Accountability Accountability Action Planning Active Learning Active Listening Agile Methodology Bias Business Coaching Creativity Critical Thinking Cybersecurity Data Analysis Management Data Collection Management Inactive Data Controls Design Thinking Development Methodologies Empathy Follow-Through Growth Mindset Implementation Methodologies Infrastructure Design Intellectual Curiosity Inactive Long Term Planning Managing Ambiguity 4 more What We Can Offer You Health Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical financial and emotional wellbeing Personal Professional Development We also invest in your career because the better you are the better we all are We have specific programs catered to helping you reach any career goals you have whether you want to become a knowledge expert in your field or apply your skills to another division Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness We know varied backgrounds are valued and succeed here We have the flexibility to manage our work and personal needs We make bold moves together and are a force for good Let s Stay Connected Follow on Instagram to see the latest on people culture and tech at HPE Job Information Technology Job Level TCP 05 HPE is an Equal Employment Opportunity Veterans Disabled LGBT employer We do not discriminate on the basis of race gender or any other protected category and all decisions we make are made on the basis of qualifications merit and business need Our goal is to be one global team that is representative of our customers in an inclusive environment where we can continue to innovate and grow together Please click here Hewlett Packard Enterprise is EEO Protected Veteran Individual with Disabilities HPE will comply with all applicable laws related to employer use of arrest and conviction records including laws requiring employers to consider for employment qualified applicants with criminal histories No Fees Notice Recruitment Fraud Disclaimer It has come to HPE s attention that there has been an increase in recruitment fraud whereby scammer impersonate HPE or HPE-authorized recruiting agencies and offer fake employment opportunities to candidates These scammers often seek to obtain personal information or money from candidates Please note that Hewlett Packard Enterprise HPE its direct and indirect subsidiaries and affiliated companies and its authorized recruitment agencies vendors will never charge any candidate a registration fee hiring fee or any other fee in connection with its recruitment and hiring process The credentials of any hiring agency that claims to be working with HPE for recruitment of talent should be verified by candidates and candidates shall be solely responsible to conduct such verification Any candidate individual who relies on the erroneous representations made by fraudulent employment agencies does so at their own risk and HPE disclaims liability for any damages or claims that may result from any such communication