• Perform architecture and security reviews on highly complex products to identify vulnerabilities. • Work with development teams to integrate software security design patterns throughout the application lifecycle. • Ensure critical application design and implementation decisions are based on sound security patterns. • Facilitate analytics process for application abuse detection. • Support application protection efforts, incident response and fraud. • Find security threats and vulnerabilities in applications and recommend mitigation strategies. • Participate in evaluation, deployment and operations of innovative security solutions. • Conduct static and dynamic application security testing (SAST/DAST), code reviews, security assessments and evaluations. • Implement and manage security tools, including SAST, DAST, Software Composition Analysis (SCA), and other security scanning solutions. • Drive the implementation of authentication, authorization, and access control mechanisms for APIs and platforms. • Partner with application development, engineering and operations teams to ensure a security-first approach in CI/CD pipelines. • Work closely with the offensive security team to help identify, uncover and validate weakness and exposures in critical applications. • Support incident response efforts and mitigations related to application security vulnerabilities and weaknesses. • Provide security awareness training and guidance to development teams on secure coding practices. • Lead implementation of strategic security initiatives that improve application security across the organization. • Ensure application security practices align with regulatory standards such as PCI-DSS, NIST, and OWASP guidelines.