Senior Application Security Architect

About Intapp:

Intapp, based in Silicon Valley, is a leader in Vertical AI SaaS company, collaborating with over 2,550 professional and financial services firms globally. With 20+ years of industry expertise, Intapp's "Intelligence Applied" approach is transforming how businesses operate and leverages a strategic partner with Microsoft in delivering industry cloud solutions. The company culture promotes accountability, responsibility, and growth in a diverse, inclusive, and collaborative environment. Since going public in 2021, Intapp has expanded to over 1,600 employees globally with development centers in Palo Alto, Charlotte, Belfast, Berlin, and Lisbon.

Intapp is seeking an experienced Application Security Architect to guide security initiatives where our products interact. In this role, you will serve as the security authority for multiple interconnected products, ensuring defense in depth while enabling seamless and secure interoperability. You will partner closely with product and engineering teams to establish the standards, patterns, and governance that guide how our products communicate, share data, and evolve together.

What you’ll do:

• Establish and enforce secure design patterns, reference architectures, and integration standards that enable interoperability without introducing cross-product risk.

• Evaluate product architectures for security risks during the design stage (threat modeling) and drive remediation of identified issues.

• Serve as the security stakeholder for platform-level integration initiatives including shared identity services, API gateways, event buses, and data exchange layers.

• Coordinate security testing for platform components and cross-product interactions.

• Contribute to application security standards, guidelines, and secure coding practices and drive the implementation of these standards in platform product components.

• Partner with legal and compliance teams to ensure products meet applicable regulatory requirements (e.g., SOC 2, GDPR, HIPAA, PCI-DSS) without compromising interoperability goals.

• Escalate critical security risks with clear business context and recommended remediation paths.

What you’ll need:

• 8+ years of experience in application security, software engineering, or a related field, with at least 3 years in an architecture or senior individual contributor role.

• Deep expertise in application security concepts: authentication and authorization, cryptography, input validation, API security, secrets management, and secure design principles.

• Demonstrated experience designing secure integration and interoperability patterns across distributed systems (microservices, REST/GraphQL APIs, event-driven architectures).

• Strong proficiency with threat modeling methodologies (STRIDE, PASTA, or equivalent) and security architecture review processes.

• Hands-on experience with application security tooling: SAST, DAST, SCA, container scanning, and secrets detection.

• Proficiency in at least one of the following technologies: .NET, Java, or JavaScript.

• Familiarity with cloud infrastructure security (AWS, Azure, or GCP).

• Strong written and verbal communication skills, with the ability to translate complex security risks into clear, business-relevant language for both technical and non-technical audiences.

What you will gain: