Information Security Architect
Frankfurt am Main, Germany
12 Month Contract
German + English
ASAP
Role Overview
We are seeking a highly skilled Information Security Architect to join a leading financial services client based in Frankfurt. The ideal candidate will be responsible for developing and implementing robust security architecture that aligns with regulatory requirements and business objectives in a fast-paced, highly regulated financial environment.
Key Responsibilities
* Define, design, and implement enterprise-wide security architecture standards, frameworks, and reference models.
* Assess current security posture and identify areas of improvement aligned with business strategy and compliance requirements (e.g., BaFin, ISO 27001, DORA).
* Develop secure design patterns and blueprints for infrastructure, applications, and cloud deployments (e.g., AWS, Azure, GCP).
* Collaborate with cross-functional teams (IT, Risk, Compliance, DevOps) to integrate security into the SDLC and CI/CD pipelines.
* Lead threat modeling, security risk assessments, and architecture reviews for new initiatives and existing systems.
* Evaluate emerging technologies and recommend innovative solutions to enhance security posture.
* Create and maintain security documentation including architecture diagrams, controls mapping, and implementation guidelines.
* Act as a subject matter expert in audits, regulatory assessments, and client security reviews.
Required Qualifications
* Bachelor's or Master’s degree in Computer Science, Information Security, or related field.
* Minimum of 7+ years of experience in IT Security with at least 3 years in an architecture or design role.
* Strong understanding of security architecture methodologies (e.g., SABSA, TOGAF, NIST, Zero Trust).
* Hands-on knowledge of network security, identity & access management (IAM), encryption, cloud security, and endpoint protection.
* Experience in the financial services sector, with understanding of relevant regulations (e.g., GDPR, BaFin, EBA Guidelines).
* Familiarity with cloud-native security controls and tools (e.g., AWS IAM, Azure Sentinel, GCP SCC).
* Relevant certifications such as CISSP, CISM, CCSP, AWS/Azure Security Architect, TOGAF are highly desirable.
Soft Skills
* Excellent analytical and problem-solving skills.
* Strong communication and stakeholder management skills.
* Ability to work independently and collaboratively in a high-pressure, regulated environment.
* Fluent in English; German language skills are a plus.