Enterprise Architect- Application Security and Cloud Platform (On-Site in Springfield, MO)

POSITION SUMMARY The Enterprise Architect for Application Security & Cloud Platform will work onsite at our corporate office in Springfield, MO. and is a senior strategic role within IT Security, responsible for defining, governing, and continuously improving the secure-by-design architecture for applications and cloud platforms across the enterprise.

Operating at an enterprise-wide scope, this role provides architectural leadership spanning secure application patterns, cloud-native platform controls, identity, containerization, API security, and integration governance. You will collaborate across Security, Engineering, Operations, and business technology teams to ensure all application and platform designs meet enterprise risk tolerance, regulatory standards, and modern architectural principles.

This role will define the long-term vision for secure application and cloud platform architecture, develop enterprise guardrails and reusable patterns, and guide solution and domain architects in consistent adoption. This position is based at our corporate office in Springfield, MO. ESSENTIAL FUNCTIONS Enterprise Security Architecture Leadership Define the enterprise architecture strategy for application security and cloud platform security Develop and govern secure design principles, reference architectures, and reusable security patterns Partner with Security to align enterprise architecture with risk, compliance, and threat intelligence Lead architecture review boards (ARBs) in evaluating system designs for adherence to enterprise guardrails Provide architectural oversight for major programs, transformation initiatives, and cloud modernization efforts Application Security Architecture (Cloud & Legacy) Architect secure application patterns across microservices, APIs, serverless workloads, and legacy platforms Define enterprise-wide secure coding standards, threat modeling frameworks, and application-layer guardrails Evaluate and select application security platforms (SAST, DAST, SCA, RASP, API security, etc.) Oversee security integration into CI/CD pipelines, supporting enterprise DevSecOps maturity Guide development teams on secure design, vulnerability mitigation, and adoption of shift-left practices Cloud Platform Security Architecture (Azure & GCP) Architect enterprise-secure patterns for identity, workload isolation, data protection, and perimeter-less security Develop and enforce security architecture for container platforms, serverless, Kubernetes, and cloud-native services Define enterprise controls leveraging CSPM, CWPP, CNAPP, zero trust, and identity-first security models Partner with Cloud Engineering to implement platform guardrails, landing zones, and compliance automation Establish enterprise standards for multi-cloud security configurations, logging, and monitoring Legacy Platform Security Architecture Define strategic direction for securing legacy WebSphere Commerce Suite (WCS) and similar systems Develop compensating controls, hardening baselines, and integration security patterns Lead architectural decision-making for modernization and migration paths away from legacy platforms Governance, Standards & Strategic Innovation Create and maintain policies, standards, and architecture principles governing secure application and cloud design Conduct enterprise-level threat modeling and risk assessments across platforms and business solutions Serve as the primary architecture liaison with audit, risk, and compliance stakeholders (PCI, SOC 2, NIST, ISO) Evaluate emerging technologies, conduct platform capability assessments, and guide long-term investment strategy Mentor solution architects, engineers, and developers across ETS pillars on secure architecture practices

EXPERIENCE:

&

QUALIFICATIONS:

Bachelor’s degree in Computer Science, Engineering, or equivalent

experience:

12+ years in software architecture, application security, or cloud platform architecture 7+ years designing and securing cloud-native architectures in Azure or GCP Deep expertise in secure application patterns, DevSecOps, and CI/CD security integration Strong architectural knowledge of microservices, Kubernetes, containers, and serverless Familiarity with legacy platform security, including WCS or Java-based enterprise systems In-depth understanding of cloud-native security services (Azure Defender, GCP SCC, etc.) Expertise with OWASP, NIST, Zero Trust, secure design principles, and threat modeling Professional certifications preferred: CISSP, CCSP, CSSLP, GCSA, TOGAF, or Azure/GCP Architect Strong executive communication and ability to influence across Security, Engineering, and Operations TRAVEL

REQUIREMENTS:

Occasional travel to visit key facilities or in support of team meetings (less than 15%) PHYSICAL

REQUIREMENTS:

Regularly performs computer work and sits Occasionally walks and stands Seldom/never lifts up to 50lbs INDEPENDENT JUDGEMENT: Develops strategic direction, goals, plans, and policies for application security. Sets broad objectives and is accountable for overall results in respective area of responsibility.

Requires high degree of independent judgment and problem solving of complex problems. Full Time

Benefits:

Summary: Enjoy discounts on retail merchandise, our restaurants, world-class resorts and conservation attractions! Medical Dental Vision Health Savings Account Flexible Spending Account Voluntary

benefits:

401k Retirement Savings Paid holidays Paid vacation Paid sick time Bass Pro Cares Fund And more! Bass Pro Shops is an equal

opportunity:

employer. Hiring decisions are administered without regard to race, color, creed, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, ancestry, citizenship status, disability, veteran status, genetic information, or any other basis protected by applicable federal, state or local law.

Reasonable Accommodations Qualified individuals with known disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and certain state or local laws. If you need a reasonable accommodation for any part of the application process, please visit your nearest location or contact us at hrcompliance@basspro.com.

Bass Pro Shops

About:

Bass Pro Shops Bass Pro Shops is North America’s premier outdoor and conservation company. Founded in 1972 when avid young angler Johnny Morris began selling tackle out of his father’s liquor store in Springfield, Missouri, today the company provides customers with unmatched offerings spanning premier destination retail, outdoor equipment manufacturing, world-class resort destinations and more.

In 2017 Bass Pro Shops joined forces with Cabela’s to create a “best-of-the-best”

experience:

with superior products, dynamic locations and outstanding customer service. Bass Pro Shops also operates White River Marine Group, offering an unsurpassed collection of industry-leading boat brands, and Big Cedar Lodge, America’s Premier Wilderness Resort. Under the visionary conservation leadership of Johnny Morris, Bass Pro Shops is a national leader in protecting habitat and introducing families to the outdoors and has been named by Forbes as “one of America’s Best Employers.”