Lead Application Security Architect (Hybrid)
10/08/2025Locations East Berlin, Connecticut; Westwood, Massachusetts; Manchester, New Hampshire
Job Description
Lead Application Security Architect (Hybrid)
10/08/2025Locations: East Berlin, Connecticut; Westwood, Massachusetts; Manchester, New Hampshire
Eversource supports work-life balance by offering hybrid schedules for certain roles. Eligibility is based on job responsibilities, operational needs, nature of work and team dynamics. Current guidelines require employees to work at least three days in the office, including Tuesdays and Wednesdays, with the third day set by the employee and supervisor based on department needs. These guidelines apply to roles approved for remote work and are subject to change, based on managerial discretion and work performance. All applicants must be able to work up to five days in the office if needed (for example: emergencies, training, or other business needs) or should the policy change.Please note: Authorization to work in the United States is a precondition to employment in this position. Eversource will not sponsor candidates for work visas for this position.
Role and Scope of Position:
As the Lead Application Security Architect, and as part of the Cybersecurity Architecture team at Eversource, you will lead a team that works alongside other cybersecurity specialists within the Cybersecurity, Network, and Compliance organization. You’ll have the opportunity to shape Application Security and collaborate across multiple business lines and technical domains.
One of your primary tasks will be a focus on security issues involving secure coding and secure design. You will lead a team and assist others in resolving security issues by offering alternative coding solutions and other means. You will also work with project teams and business management to promote a security mindset.
The Lead Application Security Architect will interact closely with the technology and business colleagues associated with projects. They will deliver project level planning, design, and implementation of security solutions and controls related to Secure Software Development Life Cycle (SSDLC) (e.g. code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning)
You will aid the firm in remaining at the forefront of industry trends, best practices, and technological advances in application cybersecurity.
Essential Functions:
Lead Application Security for multiple cybersecurity architecture and process implementations across business lines to achieve security objectives.
Cultivate security culture with your product technology and business colleagues. Build a vision around the next level of security maturity for application developers, with inputs from the security organization and work with Cyber Security leadership to deliver on that idea.
Serve as an application security thought leader. Be recognized in the enterprise as the clear point of escalation and subject matter expert for Application Security and associated IT Risk. Serve as an appsec cyber risk advisor to the leadership team and help prioritize initiatives with the greatest ROI.
Foster a culture of innovation, collaboration, and continuous improvement by developing and maintaining security policies, and testing and evaluating security tools and products.
Technical Knowledge/Skill/Education/Licenses/Certifications:
Technical Knowledge/Skill:
5+ years of senior level Cyber Security experience required.
Must have experience leading mid to large security initiatives and managing small teams within Security.
Must have a background performing cybersecurity code analysis. This includes identifying and resolving false positives, explaining vulnerabilities in simple terms to project teams, and serving as an escalation point for the appsec team.
Must have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.
Must have experience with DevSecOps and Agile methodology.
Must be able to produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management.
Experience with cloud methodology and terminology. Experience working with cloud-based platforms and applications. Experience with Azure is preferred.
Experience with implementing and using static and dynamic analysis tools. Experience using and/or maintaining Checkmarx, Burp Suite, or Contrast preferred. Experience performing or interpreting penetration testing is preferred.
Experience with automating security operations within CICD workflows preferred.
Experience in writing code using a major programming language is preferred. Specifically, .NET.
Exhibits an exceptional degree of ingenuity, creativity and/or resourcefulness.
Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
Education:
Bachelor’s Degree in Engineering, Computer Science, Data Science, Information Technology or related experience
Experience:
10 years related experience that includes 5 years of Senior level cyber security experience and:
Experience in Cross Domain Solutions
Must have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.
Experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC, CIP).
Exposure to projects using an Agile methodology and DEVSECOPS environment.
Experience leading mid to large security initiatives
Licenses & Certifications:
Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect) or prominent independent organization such as ISC2.
Industry security certifications such as CISSP, CCSP, Azure certifications, HTB Certified Penetration Testing Specialist, or OSCP preferred.
Working Conditions:
Must be available to work emergency restoration assignment as required.
Must be available to travel between MA/CT/NH as necessary.
#corpajd
#LI-KS1
Competencies:
Build trusting relationships
Manage and develop people
Foster teamwork and cross-functional collaboration
Lead change
Communicate strategic vision
Create an engaged workforce
Focus on the customer
Take ownership & accountability
Compensation and Benefits:
Eversource offers a competitive total rewards program.Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive.The annual salary range for this position is:
$156,260.00-$173,620.00Worker Type:
RegularNumber of Openings:
1Emergency Response:
Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.
EEO Statement:
Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.
VEVRRA Federal Contractor
Overview
Eversource is always looking for employees who share the values that help make us one of the leading energy companies in the country. Our Corporate areas work collaboratively and strategically with all areas of the business to set policy and drive strategic direction. We create value for our business areas by delivering consistent, quality, cost-effective services, and leading change to build a more engaged workplace and a performance culture. You'll have a variety of opportunities to further your career. We have a great working environment, excellent compensation and benefit programs, and opportunities for growth and development.
Learn more about careers in IT, Finance/Accounting, Legal, Human Resources and Corporate Relations.
Success Profile
What makes a successful Corporate member?
Check out the top traits we're looking for and see if you have the right mix.
- Collaborative
- Customer Focus
- Team Player
- Adaptable
- Detail Oriented
- Positive
Culture
Our goal is to remain the best energy company in the nation, and to be the first with carbon-neutral operations by 2030.
We will achieve this by embracing perspectives our employees bring to the table. We are committed to:
- Fostering a workplace where all employees, customers, and stakeholders are respected and valued.
- Leveraging the unique talents, perspectives, and life experiences of every employee to drive our ongoing success.
- Attracting, developing, and retaining a workforce capable of meeting the evolving needs of our customers while delivering reliable energy and exceptional service.
Over the past year, Eversource and employees contributed:
103 events with more than 23,000 hours and 4,900 employees—that's what Eversource volunteers accomplished in 2021 to help our communities across CT, NH, and MA. Whether it was collecting food for the holidays, passing out food in a local kitchen, or pulling trash out of the Connecticut River, we were there. Take a look at some highlights in this video.
Employee Testimonials
Job Description
Lead Application Security Architect (Hybrid)
10/08/2025Locations: East Berlin, Connecticut; Westwood, Massachusetts; Manchester, New Hampshire
Eversource supports work-life balance by offering hybrid schedules for certain roles. Eligibility is based on job responsibilities, operational needs, nature of work and team dynamics. Current guidelines require employees to work at least three days in the office, including Tuesdays and Wednesdays, with the third day set by the employee and supervisor based on department needs. These guidelines apply to roles approved for remote work and are subject to change, based on managerial discretion and work performance. All applicants must be able to work up to five days in the office if needed (for example: emergencies, training, or other business needs) or should the policy change.Please note: Authorization to work in the United States is a precondition to employment in this position. Eversource will not sponsor candidates for work visas for this position.
Role and Scope of Position:
As the Lead Application Security Architect, and as part of the Cybersecurity Architecture team at Eversource, you will lead a team that works alongside other cybersecurity specialists within the Cybersecurity, Network, and Compliance organization. You’ll have the opportunity to shape Application Security and collaborate across multiple business lines and technical domains.
One of your primary tasks will be a focus on security issues involving secure coding and secure design. You will lead a team and assist others in resolving security issues by offering alternative coding solutions and other means. You will also work with project teams and business management to promote a security mindset.
The Lead Application Security Architect will interact closely with the technology and business colleagues associated with projects. They will deliver project level planning, design, and implementation of security solutions and controls related to Secure Software Development Life Cycle (SSDLC) (e.g. code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning)
You will aid the firm in remaining at the forefront of industry trends, best practices, and technological advances in application cybersecurity.
Essential Functions:
Lead Application Security for multiple cybersecurity architecture and process implementations across business lines to achieve security objectives.
Cultivate security culture with your product technology and business colleagues. Build a vision around the next level of security maturity for application developers, with inputs from the security organization and work with Cyber Security leadership to deliver on that idea.
Serve as an application security thought leader. Be recognized in the enterprise as the clear point of escalation and subject matter expert for Application Security and associated IT Risk. Serve as an appsec cyber risk advisor to the leadership team and help prioritize initiatives with the greatest ROI.
Foster a culture of innovation, collaboration, and continuous improvement by developing and maintaining security policies, and testing and evaluating security tools and products.
Technical Knowledge/Skill/Education/Licenses/Certifications:
Technical Knowledge/Skill:
5+ years of senior level Cyber Security experience required.
Must have experience leading mid to large security initiatives and managing small teams within Security.
Must have a background performing cybersecurity code analysis. This includes identifying and resolving false positives, explaining vulnerabilities in simple terms to project teams, and serving as an escalation point for the appsec team.
Must have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.
Must have experience with DevSecOps and Agile methodology.
Must be able to produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management.
Experience with cloud methodology and terminology. Experience working with cloud-based platforms and applications. Experience with Azure is preferred.
Experience with implementing and using static and dynamic analysis tools. Experience using and/or maintaining Checkmarx, Burp Suite, or Contrast preferred. Experience performing or interpreting penetration testing is preferred.
Experience with automating security operations within CICD workflows preferred.
Experience in writing code using a major programming language is preferred. Specifically, .NET.
Exhibits an exceptional degree of ingenuity, creativity and/or resourcefulness.
Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
Education:
Bachelor’s Degree in Engineering, Computer Science, Data Science, Information Technology or related experience
Experience:
10 years related experience that includes 5 years of Senior level cyber security experience and:
Experience in Cross Domain Solutions
Must have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.
Experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC, CIP).
Exposure to projects using an Agile methodology and DEVSECOPS environment.
Experience leading mid to large security initiatives
Licenses & Certifications:
Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect) or prominent independent organization such as ISC2.
Industry security certifications such as CISSP, CCSP, Azure certifications, HTB Certified Penetration Testing Specialist, or OSCP preferred.
Working Conditions:
Must be available to work emergency restoration assignment as required.
Must be available to travel between MA/CT/NH as necessary.
#corpajd
#LI-KS1
Competencies:
Build trusting relationships
Manage and develop people
Foster teamwork and cross-functional collaboration
Lead change
Communicate strategic vision
Create an engaged workforce
Focus on the customer
Take ownership & accountability
Compensation and Benefits:
Eversource offers a competitive total rewards program.Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive.The annual salary range for this position is:
$156,260.00-$173,620.00Worker Type:
RegularNumber of Openings:
1Emergency Response:
Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.
EEO Statement:
Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.
VEVRRA Federal Contractor
Benefits
Eversource employees are committed to providing reliable energy and superior customer service—and that's why we are committed to providing our employees with a highly competitive total rewards package. In addition to wages and salaries, the benefit programs Eversource offers its employees and family members are a significant part of the total rewards.
