×
Register Here to Apply for Jobs or Post Jobs. X

Sr. Principal Security Engineer, Application Security Strategy & Architecture

Job in Indiana Borough, Indiana County, Pennsylvania, 15705, USA
Listing for: Scorpion Therapeutics
Full Time position
Listed on 2026-07-08
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 120000 - 150000 USD Yearly USD 120000.00 150000.00 YEAR
Job Description & How to Apply Below

What You’ll Be Doing

  • Lead strategy and architecture across Lilly’s Application Security (App Sec) program as a senior technical leader within Security Architecture & Engineering (SAE).
  • Provide architectural direction, lead tool evaluation and selection, drive security transformation initiatives, and advise on program-level execution risk.
  • Define program-level reference architectures and translate regulatory/compliance requirements into patterns engineers can execute.
Key Responsibilities
  • App Sec Strategy & Architecture:
    Define and maintain Secure SDLC architecture (SAST, DAST, SCA, secrets management, software supply chain); partner to identify program risks/dependencies; translate regulatory/audit requirements into implementable architecture.
  • Tool Evaluation & Selection:
    Lead structured evaluations across SAST/DAST/SCA/pen testing/AI-augmented tools; define criteria, run proofs of concept, assess vendor fit/scale, and recommend to leadership; advise on emerging capabilities.
  • Enterprise Platform Security Transformation:
    Own security architecture during platform transformations; assess migration impact on App Sec controls (gaps in SAST/secrets scanning/CI/CD) and define remediation; embed requirements into sequencing/cutover; define readiness criteria and go/no-go decisions.
  • App Sec Execution Support:
    Guide complex implementations; conduct security reviews; support threat modeling; contribute to Secure SDLC standards and vulnerability management policy.
Your Basic Qualifications
  • Bachelor’s in CS/Info Sec/Software Engineering or related field.
  • 5+ years in application security, security architecture, or related.
  • Large-scale security/identity/platform migration experience.
  • Hands‑on Git Hub Enterprise (Git Hub Actions, CI/CD security controls, IAM patterns).
  • Experience evaluating/selecting SAST/DAST/SCA tooling.
  • Threat modeling and App Sec fundamentals (OWASP Top 10, CWE, secure coding).
What You Should Bring
  • Deep Git Hub identity/IAM knowledge (EMU, SAML/OIDC, PAT governance, Actions security).
  • App Sec migration impact assessment; strong App Sec fundamentals and vulnerability management.
  • Familiarity with App Sec tools (e.g., SAST like Checkmarx or equivalent; DAST/SCA/secrets scanning).
  • Ability to create architectural documentation and present risk/recommendations to senior leadership.
  • Secrets management and software supply chain security patterns; awareness of AI-augmented security tools.
  • Working knowledge of cloud (AWS preferred) and containers.
  • Operate as a senior individual contributor (architectural leadership without direct management authority).
Location & Work Flexibility
  • Corporate Center (Indianapolis, IN); hybrid (3 days onsite/2 days remote); fully remote may be considered.
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary