Application Security Architect (m/f)

• →Define and lead the application security strategy
• →Establish and maintain security standards, principles, and architectural guidelines
• →Ensure consistent implementation of security practices across different teams and projects
• →Advise development teams and architects on secure design and solution implementation
• →Integrate security into the SDLC through a DevSecOps approach (CI/CD, automated controls)
• →Define and oversee the use of security tools (SAST, DAST, SCA, IAST)
• →Lead threat modeling activities and security assessments for complex systems
• →Identify and manage security risks at the organizational level
• →Collaborate with infrastructure, cloud, and compliance teams (e.g. ISO 27001, GDPR)
• →Monitor emerging threats, vulnerabilities, and industry trends
• →Promote security awareness and education across the organization

• 7+ years of experience in application security or security architecture
• Experience in defining and implementing security standards and strategies
• Deep understanding of the OWASP Top 10, secure coding practices, and secure design principles
• Experience with modern software development processes (Agile, CI/CD, DevOps, cloud-native environments)
• Hands-on experience with security tools (SAST, DAST, SCA, IAST)
• Experience with threat modeling methodologies (e.g. STRIDE)
• Experience working with cloud platforms (AWS, Azure, or GCP)
• Knowledge of regulatory and security frameworks (ISO 27001, NIST, NIS2/ZKS, CRA, CSA, GDPR)
• Strong communication and facilitation skills
• Ability to think strategically and make sound decisions

• Certifications such as CISSP, CSSLP, or similar
• Experience in mentoring or leading security initiatives
• Good understanding of at least one programming language (Java, .NET, JavaScript, Python, or similar)
• Experience with penetration testing or red teaming activities
• Experience in scaling security practices across complex environments

We look forward to meeting you!