Vacant job

About the Assignment

We are looking for an experienced Security Architect for an assignment in a technology-heavy and business-critical environment focusing on cloud-based and distributed systems. The role is strategically important and has a significant influence on how security is integrated into both current and future platforms.

You will work closely with development teams, architects, DevOps, and central security functions to ensure that security is a natural and integrated part of the entire delivery process.

Responsibilities

• Design, further develop, and manage security architecture in line with business requirements, regulatory requirements, and internal governing principles
• Ensure that security permeates the entire software lifecycle, focusing on secure-by-design and cloud-native approaches
• Identify, analyze, and manage risks and vulnerabilities, and drive actions for risk reduction
• Conduct and lead architecture and design reviews focusing on threat modeling, robustness, and long-term sustainability
• Collaborate with various stakeholders and serve as an advisor in security-related decisions
• Support improvements in monitoring, incident management, and technical resilience
• Contribute to technical roadmaps and future architectural choices from a security perspective
• Participate in internal and external security audits and reviews

Profile

We are looking for a confident and proactive security professional with the ability to combine strategic thinking with practical execution. You are used to communicating security clearly and pedagogically and guiding teams in their daily work.

You thrive in an advisory and coaching role but are also comfortable making decisions and driving issues forward when necessary.

Qualifications

• Solid experience in the role of Security Architect, preferably in cloud-based environments
• Deep knowledge of AWS, including IAM, networking, logging, and security controls
• Good understanding of Secure SDLC and established security frameworks such as ISO 27001 and NIST 800-53
• Practical experience with DevSecOps tools and methodologies (e.g., SAST, SCA, secrets scanning, IaC security)
• Experience in risk analysis, threat modeling, and architecture reviews
• Excellent communication skills in English

Desirable

• Experience with large-scale distributed systems
• Knowledge of PKI and certificate management (onboarding/offboarding)
• Understanding of regulations related to connected services, such as UNECE R155
• Experience working in multi-cloud environments, such as Azure

Other

Selection and interviews are ongoing, and the assignment may be filled before the application deadline. Therefore, we recommend applying as soon as possible if interested.