Job Description:
Role - Senior Cybersecurity Enterprise Architect
Technology - Cyber Security
Location - Germany (Frankfurt or Munich)
Role Summary: We are looking for an enterprise architect, who has comprehensive knowledge of overall cybersecurity services and can design and lead solutions.
Exposure and knowledge of various cybersecurity domains beyond network security. This includes areas like: Cloud Security, Application Security (AppSec), Data Security, Identity and Access Management, Architectural Design and Strategy, Solution Design.
Job Description
We are seeking a highly skilled and experienced Cybersecurity Enterprise Architect to lead the development and implementation of client’s organization's overall cybersecurity strategy and architecture. As a key member of the technology leadership team, you will be responsible for defining the security vision, principles, and standards that will protect our critical assets and ensure business continuity in an evolving threat landscape. You will collaborate closely with IT, engineering, and business stakeholders to translate business requirements into secure and resilient solutions.
Responsibilities:
* Develop and Maintain Security Architecture: Define and maintain the enterprise cybersecurity architecture, including reference architecture, security patterns, and blueprints. Ensure alignment with business goals, regulatory requirements, and industry best practices (e.g., NIST CSF, ISO 27001).
* Strategy and Vision: Contribute to the development and execution of the overall cybersecurity strategy, providing technical leadership and guidance on security initiatives.
* Risk Assessment and Mitigation: Conduct security risk assessments and provide recommendations for mitigating identified vulnerabilities and threats at an enterprise level.
* Security Standards and Policies: Define and enforce security standards, policies, procedures, and guidelines across the organization.
* Technology Evaluation: Evaluate and recommend security technologies and solutions to address current and emerging threats and improve the organization's security posture.
* Solution Design and Review: Participate in the design and review of IT and business solutions to ensure security is integrated from the outset (Security by Design).
* Threat Modeling: Lead threat modeling exercises to identify potential security weaknesses in applications, systems, and infrastructure.
* Incident Response Planning: Contribute to the development and testing of incident response plans and procedures.
* Cloud Security Architecture: Design and implement secure cloud architecture and security controls across various cloud platforms (e.g., AWS, Azure, GCP).
* Identity and Access Management (IAM): Define and oversee the implementation of robust IAM strategies and solutions.
* Data Protection and Privacy: Ensure the architecture supports data protection and privacy requirements (e.g., GDPR, CCPA, local regulations).
* Security Awareness: Promote security awareness and best practices across the organization.
* Collaboration and Communication: Effectively communicate security architecture concepts and solutions to technical and non-technical stakeholders. Collaborate with cross-functional teams to implement security controls.
* Mentorship and Guidance: Provide technical guidance and mentorship to security engineers and other team members.
* Continuous Improvement: Stay abreast of the latest cybersecurity threats, trends, and technologies and proactively recommend improvements to the security architecture.
Qualifications:
* Bachelor’s degree in computer science, Information Security, or a related field. Master's degree preferred.
* 18 + years of experience in cybersecurity, with a significant portion focused on security architecture.
* Proven experience in developing and implementing enterprise-level security architectures.
* Technical expertise in multiple cybersecurity domains, such as:
* Network Security (Firewalls, IPS/IDS, VPNs, Proxy)
* Cloud Security (AWS, Azure, GCP)
* Endpoint Security
* Data Security
* Data Loss Prevention (DLP)
* Identity and Access Management (IAM)
* Strong understanding of security frameworks, standards, and best practices (e.g., NIST CSF, ISO 27001, CIS Controls).
* In-depth knowledge of various security domains, including network security, application security, cloud security, data security, and identity and access management.
* Experience with cloud security architecture and security controls for major cloud platforms (e.g., AWS, Azure, GCP).
* Familiarity with threat modeling methodologies and tools.
* Strong understanding of security technologies such as firewalls, intrusion detection/prevention systems, SIEM, vulnerability management tools, and endpoint security solutions.
* Excellent analytical, problem-solving, and decision-making skills.
* Strong communication, presentation, and interpersonal skills with the ability to effectively communicate complex technical concepts to diverse audiences.
* Relevant security certifications such as CISSP, CISM, CCSP are highly desirable
Domain Experience:
* Experience with specific industry verticals (e.g., Manufacturing, finance, healthcare).
* Experience in designing Network, Endpoint, Data Security, IAM Solutions.
* Knowledge of DevOps and DevSecOps principles.
* Experience with security automation and orchestration tools.
* Familiarity with regulatory compliance requirements relevant to your industry (e.g., PCI DSS, HIPAA).