Senior Application Security Architect

At Avaron, you get the security of permanent employment combined with the variety of working at different customers. We place specialists across everything from tech, IT and industry to project management and business support – and whatever the assignment, you have a consultant manager who is there for you and your development.

You will help lead and mature an application security program in a modern engineering environment with cloud-native platforms, distributed systems, and fast-moving product teams. In this role, you act as a trusted security advisor to engineering and product stakeholders, shaping secure design decisions early, evaluating risk in new technologies, and helping teams build security into the SDLC from the start.

You will influence secure design standards, support technical direction, and strengthen a security-first culture across applications, APIs, and microservices. You will also work closely with teams across engineering and security to enable secure innovation at scale. This is an exciting opportunity to combine hands-on architecture with broad technical influence in a complex environment.

• You guide engineering and product teams on secure design, threat modeling, and application security architecture.
• You embed security into the SDLC and support teams in adopting secure coding practices.
• You review architectures for applications, APIs, microservices, and cloud-native services with a security-first mindset.
• You evaluate emerging technologies, identify risk, and recommend pragmatic mitigation strategies.
• You help define and enforce secure design standards and influence technical direction across teams.
• You support the integration of security tools and controls into DevSecOps and CI/CD workflows.
• You contribute to security architecture reviews and support incident response efforts when needed.
• You mentor developers and security engineers in building secure solutions at scale.

• 7+ years of experience in application security, software engineering, or a related field.
• Deep expertise in application security principles, including secure design, threat modeling, and risk assessment.
• Strong understanding of common vulnerabilities, including OWASP Top 10, and mitigation strategies.
• Proficiency in cloud security across AWS, Azure, or GCP.
• Experience securing microservices, containerized environments such as Docker and Kubernetes, and APIs.
• Hands-on experience with DevSecOps practices and integrating security tools into CI/CD pipelines.
• Knowledge of secure coding practices across multiple languages such as Java, Python, JavaScript, and Go.
• Experience with security testing tools such as SAST, DAST, SCA, and IaC scanning tools.
• Proven track record of designing and implementing secure architectures in complex, distributed systems.
• Experience conducting threat modeling exercises and security architecture reviews.
• Ability to communicate clearly, influence engineering teams, and work closely with product stakeholders.
• Experience in a leadership, mentorship, or advisory role within security or engineering teams.
• Ability to complete a required background check.

• Background in incident response, vulnerability management, or security operations.
• Experience with serverless and other modern cloud-native infrastructure patterns.

• Permanent employment at Avaron AB
• Occupational pension
• Wellness allowance of SEK 5,000 per year

Selections are made on an ongoing basis – apply as soon as you can.