Senior Cybersecurity Enterprise Architect (m/f/d)

Role - Senior Cybersecurity Enterprise Architect (m/f/d)

Technology - Cyber Security
Location - Germany (Frankfurt, Munich)

Job Description

We are seeking a highly skilled and experienced Cybersecurity Enterprise Architect to lead the development and implementation of client’s organization's overall cybersecurity strategy and architecture. As a key member of the technology leadership team, you will be responsible for defining the security vision, principles, and standards that will protect our critical assets and ensure business continuity in an evolving threat landscape. You will collaborate closely with IT, engineering, and business stakeholders to translate business requirements into secure and resilient solutions.

Responsibilities

• Develop and Maintain Security Architecture: Define and maintain the enterprise cybersecurity architecture, including reference architecture, security patterns, and blueprints. Ensure alignment with business goals, regulatory requirements, and industry best practices (e.g., NIST CSF, ISO 27001).
• Strategy and Vision: Contribute to the development and execution of the overall cybersecurity strategy, providing technical leadership and guidance on security initiatives.
• Risk Assessment and Mitigation: Conduct security risk assessments and provide recommendations for mitigating identified vulnerabilities and threats at an enterprise level.
• Security Standards and Policies: Define and enforce security standards, policies, procedures, and guidelines across the organization.
• Technology Evaluation: Evaluate and recommend security technologies and solutions to address current and emerging threats and improve the organization's security posture.
• Solution Design and Review: Participate in the design and review of IT and business solutions to ensure security is integrated from the outset (Security by Design).
• Threat Modeling: Lead threat modeling exercises to identify potential security weaknesses in applications, systems, and infrastructure.
• Incident Response Planning: Contribute to the development and testing of incident response plans and procedures.
• Cloud Security Architecture: Design and implement secure cloud architecture and security controls across various cloud platforms (e.g., AWS, Azure, GCP).
• Identity and Access Management (IAM): Define and oversee the implementation of robust IAM strategies and solutions.
• Data Protection and Privacy: Ensure the architecture supports data protection and privacy requirements (e.g., GDPR, CCPA, local regulations).
• Security Awareness: Promote security awareness and best practices across the organization.
• Collaboration and Communication: Effectively communicate security architecture concepts and solutions to technical and non-technical stakeholders. Collaborate with cross-functional teams to implement security controls.
• Mentorship and Guidance: Provide technical guidance and mentorship to security engineers and other team members.
• Continuous Improvement: Stay abreast of the latest cybersecurity threats, trends, and technologies and proactively recommend improvements to the security architecture.

Qualifications

Bachelor’s degree in computer science, Information Security, or a related field. Master's degree preferred.
18 + years of experience in cybersecurity, with a significant portion focused on security architecture.
Proven experience in developing and implementing enterprise-level security architectures.
Technical expertise in multiple cybersecurity domains, such as:

• Network Security (Firewalls, IPS/IDS, VPNs, Proxy)
• Cloud Security (AWS, Azure, GCP)
• Endpoint Security
• Data Security
• Data Loss Prevention (DLP)
• Identity and Access Management (IAM)

Strong understanding of security frameworks, standards, and best practices (e.g., NIST CSF, ISO 27001, CIS Controls).
In-depth knowledge of various security domains, including network security, application security, cloud security, data security, and identity and access management.
Experience with cloud security architecture and security controls for major cloud platforms (e.g., AWS, Azure, GCP).
Familiarity with threat modeling methodologies and tools.
Strong understanding of security technologies such as firewalls, intrusion detection/prevention systems, SIEM, vulnerability management tools, and endpoint security solutions.
Excellent analytical, problem-solving, and decision-making skills.
Strong communication, presentation, and interpersonal skills with the ability to effectively communicate complex technical concepts to diverse audiences.
Relevant security certifications such as CISSP, CISM, CCSP are highly desirable

Domain Experience

Experience with specific industry verticals (e.g., Manufacturing, finance, healthcare).
Experience in designing Network, Endpoint, Data Security, IAM Solutions.
Knowledge of DevOps and DevSecOps principles.
Experience with security automation and orchestration tools.
Familiarity with regulatory compliance requirements relevant to your industry (e.g., PCI DSS, HIPAA).

About Infosys

Infosys is a global leader in next-generation digital services and consulting. We enable clients in 56 countries to navigate their digital transformation. With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through the many next of their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise and ideas from our innovation ecosystem.

Visit www.infosys.com to see how Infosys can help your enterprise navigate your next.

All aspects of employment at Infosys are based on merit, competence and performance. We are committed to embracing diversity and creating an inclusive environment for all employees. Infosys is proud to be an equal opportunity employer.