Here's a bunch of very handy articles from the Patterns and Practices group at Microsoft... they will go a long way towards helping infrastructure engineers work with application developers to ensure secure application architecture and deployment.
I don't know how many arguments I've had with developers who had no idea about what they were actually proposing to deploy from an infrastructure security standpoint (much worse than the usual 'must run with admin' demands), I'll be sure to point them at this link when relevant in the future!