(Senior) Cloud Security Architect (m/f/x)

(Senior) Cloud Security Architect (m/f/x)

We’re looking for a Senior Cloud Security Architect to own and evolve our AWS security architecture across a multi‑account environment. You’ll define guardrails, design secure patterns, and partner with platform and product teams to ship resilient, compliant services at speed.

What you’ll do

• Architect Cloud Foundations: Support the strategy for our core AWS environment, including our multi‑account structure, network security patterns (TGW, VPCs), and identity and access management (IAM) at scale.
• Secure the Software Development Lifecycle: Partner with engineering teams to embed security into every stage of development. This includes defining standards for container security (EKS), securing CI/CD pipelines with policy‑as‑code, and promoting secure Infrastructure‑as‑Code (IaC) modules.
• Lead Threat Detection and Response: Design and implement the strategy for cloud threat detection and monitoring. Serve as the primary technical expert during cloud security incidents to guide investigation and containment.
• Govern Data Protection and Encryption: Establish and oversee the enterprise strategy for data security in the cloud, defining standards and reference patterns for cryptographic services (KMS), data discovery, and service‑specific encryption controls.
• Drive Governance, Risk, and Enablement: Translate compliance requirements (e.g., ISO 27001, SOC 2) into actionable cloud controls. Empower engineers by leading threat‑modeling sessions, facilitating architecture reviews, and publishing reusable security patterns.
• Evaluate and Integrate Security Tooling: Lead the evaluation, selection, and strategic integration of modern cloud security platforms (e.g., CNAPP, CSPM, CIEM) to provide measurable value and actionable insights.

Qualifications

• Bachelor's or Master’s degree in Computer Science, Information Security, or a related field.
• Extensive experience in security/infrastructure and in designing on AWS at multi‑account scale.
• Proven ownership of AWS org‑level controls: Organizations/Control Tower, SCPs, SSO/IAM Identity Center, CloudTrail org trails, Security Hub, GuardDuty.
• Deep hands‑on with IAM (STS, permission boundaries, condition keys, role chaining), KMS, VPC/TGW/PrivateLink, Route 53, WAF/Shield, S3 security.
• Strong IaC (Terraform preferred; CloudFormation/CDK fine) and CI/CD integration (GitHub Actions/GitLab/Jenkins).
• Solid EKS security (IRSA, PSP/PSS, network policies, admission control via Kyverno/Gatekeeper) and container supply‑chain fundamentals.
• Experience building policy‑as‑code and guardrails that block risky changes pre‑merge without blocking delivery.
• Competent in at least one language (Python or Go) plus shell; capable of writing small tools and automations.
• Excellent stakeholder communication and documentation.

Additional Information

• Be part of one of the fastest‑growing and most visible Fintech startups in Europe, creating innovative services that have a substantial impact on the lives of our customers.
• Work with an international, diverse, inclusive, and ever‑growing team that loves creating the best products for our clients.
• Work from our centrally located offices in the heart of Munich or Berlin, or choose to work remotely within Germany (if eligible for the job).
• Be productive with the latest hardware and tools.
• Learn and grow by joining our in‑house knowledge sharing or career development sessions and spending your individual Education Budget.
• Learn and experience German culture first hand by joining our free German language classes.
• International relocation support is provided if required.
• Flexible vacation policy and the opportunity to work from abroad.
• Benefit from an attractive compensation package and from the company pension scheme.
• Monthly contribution of 50% for the ‘Deutschland Jobticket’.
• Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capital's PRIME+ Broker.
• Enjoy flexible and discounted sports activities with Urban Sports Club.

Seniority level

Mid‑Senior level

Employment type

Full‑time

Job function

Human Resources

#J-18808-Ljbffr