
Security Architecture Engineer, STORM

Remote / Online - Candidates ideally in
Warsaw, Kosciusko County, Indiana, 46580, USA
Listing for: United States Digital Space LLC
Remote/Work from Home position
Listed on 2026-06-30
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 90000 - 120000 USD Yearly
Job Description & How to Apply Below

STORM (Security Threat Operations & Response Management) is the company's security operations organization, made up of red and blue team specialists focused on protecting the company's employees, users, and customers. We proactively address threats, embed security across the product lifecycle, and partner closely with the company's broader R&D and engineering teams to make security-by-design the norm. We are looking for a collaborative, analytical Security Architecture Engineer to join our team in Warsaw to solve complex design challenges and scale our architectural security defenses.

This role is based in our Warsaw office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. Working from home on Fridays depends on the type of work you do and the teams with which you partner. If you're interviewing for this role, your recruiter will share more about the in-office requirements.

We offer a Contract of Employment (UoP) for our employees in Poland.

What you’ll achieve
  • Security Design Review & Threat Modelling: Lead architecture reviews and structured threat modelling (such as STRIDE, OWASP Threat Dragon, and MITRE ATT&CK) for new and in-flight projects to identify risk early and produce actionable guidance before code is written.

  • Code & Data Flow Analysis: Conduct security-focused code reviews and analyze data flows across services, APIs, and integrations to identify trust boundaries and attack surface reduction opportunities.

  • Defensive Engineering Recommendations: Translate threat model findings into concrete engineering recommendations and feed architectural weaknesses to STORM’s red team for proactive adversary emulation planning.

  • Architecture Standards & Frameworks: Build and mature the company’s security architecture review process and define standards aligned to industry best practices like NIST 800-53, FedRAMP, ISO 27001, and OWASP ASVS.

  • Security Pattern Library: Develop and maintain a reusable security pattern library for authentication, authorization, encryption, API security, and data handling that engineering teams can adopt directly.

  • AI Security Architecture: Evaluate AI tooling and integrations using industry standards (such as OWASP Maestro and OWASP Top 10 for LLMs), assessing risks including prompt injection, model misuse, data leakage, and supply chain exposure.

  • AI Governance: Develop governance practices for AI-augmented development workflows and stay current with the evolving AI security landscape.

  • Security Artifact Advocacy: Champion security-by-design by driving organizational adoption of architecture diagrams, data flow diagrams, and threat models as first-class engineering artefacts.

  • Training & Culture: Deliver highly technical training and workshops to engineering and product teams, making the secure choice the path of least resistance across the organization.

About you
  • 7+ years of progressive experience in security roles, with a focus on security architecture, application security, or high-scale design reviews.

  • Hands‑on proficiency with threat modelling methodologies (STRIDE/PASTA, OWASP Threat Dragon) and the MITRE ATT&CK framework at the TTP level.

  • Competency conducting security-focused code reviews across modern languages, including Python, Go, Java, or TypeScript.

  • Deep functional knowledge of compliance frameworks and baselines, including NIST 800-53, FedRAMP, ISO 27001, OWASP ASVS, and the AWS Well-Architected Security pillar.

  • Strong understanding of authentication/authorisation mechanisms (OAuth 2.0, OIDC, SAML, SSO) and container infrastructure security (Kubernetes RBAC, pod security, network policies, and secrets management).

  • Familiarity with emerging AI security standards, specifically the OWASP Top 10 for LLMs, OWASP Maestro, or securing multi-tenant SaaS platforms.
