Security Architect (m/w/d)

Your profile

• 7+ years of experience in software or cloud security architecture, ideally in industrial, IoT, or energy domains.
• Strong knowledge of secure design principles, cloud-native architectures (GCP, Azure), and application security.
• Experience with threat modeling (STRIDE, PASTA) and risk assessment.
• Deep understanding of authentication, encryption, network segmentation, and secrets management.
• Familiarity with regulatory frameworks (IEC 62443, CSTAR).
• Hands-on experience with secure CI/CD, containers, and Kubernetes.
• Excellent documentation and communication skills.

Preferred Qualifications

• Degree in Computer Science, Software Engineering, or Information Security.
• Cloud security certifications (e.g. CCSP, ISSAP, CCSK, or GCAD).
• Experience with penetration testing coordination or API security validation.
• Knowledge of privacy and cybersecurity regulations (GDPR, Data Act, CRA).

Your activities

• Define and maintain security architecture blueprints for software and cloud components (Head-End Systems, SaaS, APIs, etc.).
• Review designs and perform threat modeling for new features and integrations.
• Specify security controls aligned with IEC 62443 and corporate policies.
• Work with DevSecOps teams to integrate secure design patterns into CI/CD pipelines and infrastructure-as-code.
• Assess and approve cloud-native services from a risk and compliance perspective.
• Support certification and audit readiness with documentation and risk assessments.
• Collaborate with governance and PSIRT teams to embed vulnerability management and incident response.
• Mentor developers on secure coding practices and modern security frameworks (OAuth2, Keycloak, vault solutions).