(Senior) Cloud Security Architect (mfx)

Overview

Were looking for a Senior Cloud Security Architect to own and evolve our AWS security architecture across a multi-account environment. Youll define guardrails design secure patterns and partner with platform and product teams to ship resilient compliant services at speed.

What you’ll do

• Architect Cloud Foundations: Support the strategy for our core AWS environment including our multi-account structure network security patterns (TGW VPCs) and identity and access management (IAM) at scale.
• Secure the Software Development Lifecycle: Partner with engineering teams to embed security into every stage of development. This includes defining standards for container security (EKS) securing CI / CD pipelines with policy-as-code and promoting secure Infrastructure-as-Code (IaC) modules.
• Lead Threat Detection and Response: Design and implement the strategy for cloud threat detection and monitoring. Serve as the primary technical expert during cloud security incidents to guide investigation and containment.
• Govern Data Protection and Encryption: Establish and oversee the enterprise strategy for data security in the cloud defining standards and reference patterns for cryptographic services (KMS) data discovery and service-specific encryption controls.
• Drive Governance Risk and Enablement: Translate compliance requirements (e.g. ISO 27001 SOC 2) into actionable cloud controls. Empower engineers by leading threat modeling sessions facilitating architecture reviews and publishing reusable security patterns.
• Evaluate and Integrate Security Tooling: Lead the evaluation selection and strategic integration of modern cloud security platforms (e.g. CNAPP CSPM CIEM) to provide measurable value and actionable insights.

Qualifications

• Bachelors or Masters degree in Computer Science Information Security or a related field.
• Extensive experience in security / infrastructure and in designing on AWS at multi-account scale.
• Proven ownership of AWS org-level controls: Organizations / Control Tower SCPs SSO / IAM Identity Center CloudTrail org trails Security Hub GuardDuty.
• Deep hands-on with IAM (STS permission boundaries condition keys role chaining) KMS VPC / TGW / PrivateLink Route 53 WAF / Shield S3 security.
• Strong IaC (Terraform preferred; CloudFormation / CDK fine) and CI / CD integration (GitHub Actions / GitLab / Jenkins).
• Solid EKS security (IRSA PSP / PSS network policies admission control via Kyverno / Gatekeeper) and container supply-chain fundamentals.
• Experience building policy-as-code and guardrails that block risky changes pre-merge without blocking delivery.
• Competent in at least one language (Python or Go) plus shell; capable of writing small tools and automations.
• Excellent stakeholder communication and documentation.

Additional Information

• Be part of one of the fastest-growing and most visible Fintech startups in Europe creating innovative services that have a substantial impact on the lives of our customers
• Work with an international diverse inclusive and ever-growing team that loves creating the best products for our clients
• Work from our centrally located offices in the heart of Munich or Berlin nestled in lively neighborhoods filled with vibrant restaurants cozy cafés and a wide range of convenient amenities or choose to work remotely within Germany (if eligible for the job)
• Be productive with the latest hardware and tools
• Learn and grow by joining our in-house knowledge sharing or career development sessions and spending your individual Education Budget
• Learn and experience German culture first hand by joining our free German language classes
• International relocation support is provided if required
• Flexible vacation policy and the opportunity to work from abroad
• Benefit from an attractive compensation package and from the company pension scheme
• Monthly contribution of 50% for the Deutschland Jobticket
• Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capitals PRIME Broker
• Enjoy flexible and discounted sports activities with Urban Sports Club
• Remote Work : No
• Employment Type : Full-time

Key Skills

Apache Hive,S3,Redshift,Spark,AWS,Solr,NoSQL,Data Warehouse,Internet Of Things,Kafka,DynamoDB,ZooKeeper

Department / Functional Area : Engineering

Experience : years

Vacancy : 1

#J-18808-Ljbffr