Senior Information Security Cloud Architect - Application Security (Hybrid)

Who We AreJoin a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for nine consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.

What We DoWe are seeking a highly skilled Information Security Cloud Architect specializing in Application Security to join our dynamic team. In this role, you will be responsible for designing and implementing secure cloud architectures with a focus on application security principles. You will collaborate closely with development teams, infrastructure architects, and security professionals to ensure our cloud-based applications are resilient against cybersecurity threats and compliant with industry standards.

What You'll Do

Cloud Security Architecture Design:

• Design and implement secure cloud architectures, with a strong emphasis on application security considerations.
• Develop and maintain cloud security design principles, patterns, and guidelines for application development teams.
• Ensure alignment of cloud security architectures with overall enterprise security strategies and regulatory requirements.

Application Security Expertise:

• Mature DevSecOps practices in application security architecture frameworks by incorporating shift-left initiatives, integrating SAST and DAST into CI/CD pipelines for early detection of vulnerabilities
• Provide expert guidance on secure coding practices, vulnerability management, and threat modeling for cloud-based applications.
• Conduct security assessments and reviews of applications deployed in cloud environments to identify and mitigate risks.
• Implement and manage application security controls, including web application firewalls (WAFs), API security, encryption, and authentication mechanisms.

Collaboration and Leadership:

• Work closely with software development teams to integrate security best practices throughout the application development lifecycle (SDLC).
• Collaborate with DevOps teams to automate security testing and deployment processes within CI/CD pipelines.
• Lead initiatives to educate and promote awareness of application security principles and best practices across the organization.

Continuous Improvement

• Stay current with emerging threats, vulnerabilities, and security technologies relevant to cloud-based applications.
• Evaluate and recommend new security tools and technologies to enhance the security posture of cloud environments.

What You'll Bring

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• 10+ years experience as a Cloud Architect, Application Security Engineer, or similar role, with a focus on designing and securing cloud-based applications.
• Strong knowledge of cloud platforms (e.g., AWS, Azure, GCP) and their respective security services.
• Hands-on experience with application security tools and technologies (e.g., static code analysis, dynamic application security testing).
• Industry certifications such as CISSP, CCSP, AWS Certified Security – Specialty (preferred).
• Excellent analytical and problem-solving skills.
• Strong interpersonal and communication skills, with the ability to explain complex security issues to technical and non-technical stakeholders.
• Ability to work effectively in a fast-paced environment and manage multiple priorities.
• Expertise in Python, JavaScript, etc'

Pay Range: $145,000- $193,300 Annually

This hiring range is a reasonable estimate of the base pay range for this position at the time of posting.  Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements and geographic location.

What We OfferBy choice, we don’t simply accept individuality – we embrace it, we support it, and we thrive on it! Our People First Culture celebrates diversity, equity and inclusion not simply because it’s the right thing to do, but also because it’s the key to our success. We are proud to foster an authentic and inclusive workplace For All. You are free and encouraged to bring your entire, unique self to work. First American is an equal opportunity employer in every sense of the term.

** Note that the following statements only apply to candidates who will be working from an unincorporated area within Los Angeles County. **

First American will consider for employment all qualified applicants, including those with arrest or conviction records, in a manner consistent with the requirements of applicable state and local laws (e.g., the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act).

First American intends to conduct a review of an applicant’s criminal history in connection with a conditional offer. First American reasonably believes that a criminal history may have a direct, adverse and negative relationship with the following material job duties for this position potentially resulting in the withdrawal of the conditional offer of employment: handling of confidential, proprietary or trade secret information belonging to First American or its customers, administrating or facilitating financial transactions, and the ability to meet customer-imposed criminal history requirements.

Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.