Für unseren Kunden suchen wir ab sofort einen Security Architecture Specialist (m/w/d) Broad Expertise in Cloud, IAM, DevSecOps and Application Security für den voraussichtlichen Zeitraum bis 11/2025 mit der Option auf langfristige Verlängerung. In diesem großen Greenfield-Projekt kann unter Nutzung moderner Technologien ein Beitrag zur Energiewende geleistet werden. Das Projekt ist als Vollzeitbeschäftigung geplant. Mindestens 3 Tage pro Monat finden vor Ort in Frankfurt am Main oder Berlin statt.

Hinweis: Bitte sehen Sie von Bewerbungen ab, die nicht alle Mindestkriterien erfüllen.

Project Description:
The team is building an internal platform for software product developers to accelerate the development and delivery of software products to tackle the massive challenges facing the energy sector. The Platform is a service oriented, cloud-native platform that is being built to provide application teams with self-service capabilities to develop, run and operate their software products. The Platform provides services for application infrastructure, data, service lifecycle management, application build and delivery as well as services to operate their software products. The platform is deployed as a hybrid cloud, encompassing both private cloud and selected public clouds.

Targets in that Position:
- Consultancy for platform and security architecture management
- Technical coordination of security architecture principles and patterns
- Consultancy in security architecture management processes

Must-Have:
- Experience in security architecture principles, secure design patterns and frameworks
- Experience in at least one following security domains:
> Security Architecture and Design, Cloud Security
> Identity and Access Management (IAM), Application Security
> DevSecOps and Automation
> Incident Response and Resilience
> Cryptography and Data Protect
- Experience in translating technical security requirements into actionable designs and documentation

Nice-to-Have:
- Experience to design and implement security and compliance controls for platforms
- Experience with threat modeling methodologies and risk assessment
- Experience with DevSecOps practices and tools for integrating security into platform development
- Experience with cloud posture management and detection tools (CSPM, KSP, Workload protection)
- Experience with baseline detection and response toolsets (SIEM, EDR, XDR)
- Good command and understanding of security & compliance standards and frameworks including ISO/IEC 27001, CSA CCM, BSI Grundschutz, CSI, NIST CSF, NIST OSCAL, etc.
- Experience in sector-specific regulations (e.g. NIS2, CRA, KRITIS, BSI C5, …