Düsseldorf | hybrid | 100.000 - 130.000 + Bonus | permanent
Right now, the wave of AI-ready cyber resilience and EU regulations (NIS2, DORA, EU CRA, EU AI Act) is reshaping how every large organisation in Europe approaches cybersecurity. Our Secure by Design practice is at the heart of this shift and takes it a step further: Compliance with regulatory requirements is a given for us, sustainable technical implementation is what we pride ourselves on: outcome-based rather than hour-based, knowledge-focused rather than leverage-focused, product-led rather than slide-led.
To continue meeting our clients’ needs whilst maintaining our quality standards, we are seeking experienced Secure by Design Consultants to help shape our scale.
THE ROLE
You will lead end-to-end ‘secure by design’ transformation programmes for our enterprise clients. These projects span several quarters and involve multiple teams, with you being responsible for the technical strategy, customer relationships and the final outcome.
Specifically, this means, for example:
* Lead a Secure by Design transformation within the product organisation of a DAX 30 client, involving over 100 engineers, more than 20 product teams and a 18-month roadmap. You will be responsible for the target architecture, the rollout plan and the communication with the CISO and CTO.
* Run a cloud security programme for a critical infrastructure operator preparing for an audit. You will define the control framework, risk assessment and security architecture, integrate these into AWS/Azure/GCP landing zones, and report to senior management.
* Shape a company-wide AI security programme (LLMs, agent-based systems, MLSecOps) for a client preparing for the EU AI draft, implementing the regulation into technical reality.
* Building a Secure SDLC programme from scratch for a fast-growing product company, including CI/CD security tools, large-scale threat modelling, a network of security officers, and KRIs that the board actually reads.
Internally, you’ll help shape the practice itself: methodologies, accelerators, recruitment, talent development, and the development of our AI-powered Secure-by-Design product.
Does that sound exciting yet a bit overwhelming to you? It doesn’t have to be. ‘Fail fast, learn quickly’ is our motto. Together with the team, we’ll keep developing and help you reach your full potential. And if this feels like too big a step, feel free to take a look at our other vacancy for Secure by Design Consultants.
YOUR PROFILE
Must haves
* At least 7 years’ experience in cybersecurity, with a proven track record of successfully leading end-to-end client programmes for large enterprises
* In-depth technical expertise in cloud security (AWS, Azure or GCP) and modern software development practices (CI/CD, IaC, containers)
* Hands-on experience in leading transformations in the areas of ‘Secure-by-Design’, security architecture, Secure SDLC, cloud security or AI security at enterprise level
* You are comfortable steering the room with CISOs, CTOs and product leadership and at ease in an architecture deep-dive with a senior engineer
* Ready to work on-site three days a week and open to working at our clients’ sites in the DACH region for up to five days a month
A real plus
* Experience in at least one of the following areas: AI security / MLSecOps, Kubernetes platform security, regulatory programmes (NIS2, DORA, CRA, EU AI Act)
* Certifications in cloud security (CCSP, AWS / Azure / GCP Security Specialty)
* Proven track record in building and managing consulting teams or security champions
* You have a public presence, e.g. through presentations, publications, OSS, or a blog
WHY CLOUDYRION
* We support EU Blue Card sponsorship and offer a relocation package for international hires
* 30 days of vacation plus additional days off on Christmas, New Year’s Eve, and your birthday
* Hybrid work with two remote days per week, trust-based working hours and the opportunity of Workations in any EU country
* Individual learning and development opportunities, including full coverage of advanced trainings, certification costs, and educational leave for exam days
* In-house gym, massage chairs, gaming area, and dedicated break spaces
* Regular team events and plenty of space for real collaboration
ABOUT CLOUDYRION
CLOUDYRION was founded in 2020, bootstrapped and built around a simple idea: cybersecurity done properly, by people who actually care.
We work with large enterprises in the telecoms, banking, insurance, automotive and critical infrastructure sectors. Our Secure by Design, Ethical Hacking and Secure Strategy Consulting services help them get security right from the ground up.
With our founder as CEO and free from investor influence, we are still upholding our values five years on: Fail fast and learn quickly. Be a ray of sunshine. Tear down those walls.
Working at CLOUDYRION means being part of a team who love what they do, embrace diversity and celebrate their successes together.
This approach has proven its worth: our team now consists of 35 people and generates an annual turnover of around €6 million.
Learn more
Insights from real-world projects, technical deep dives and our take on secure-by-design, cloud security and modern security architectures can be found on our blog.
Authentic insights into our office life can be found on Instagram.
Let’s talk!
Do you feel inspired to take your next step? Then we look forward to your application. Whether classic or creative is up to you. What matters most is that you show us what drives you.
Contact:
Katharina - People & Culture
📩 career@cloudyrion.com
📞 +49 173 633 3724
You can find information on data protection during the application process at CLOUDYRION here.