(Senior) Cloud Security Architect (mfx) (onsite remote in Germany)

Were looking for a Senior Cloud Security Architect to own and evolve our AWS security architecture across a multi-account environment. Youll define guardrails design secure patterns and partner with platform and product teams to ship resilient compliant services at speed.

What youll do

• Architect Cloud Foundations: Support the strategy for our core AWS environment including our multi-account structure network security patterns (TGW VPCs) and identity and access management (IAM) at scale.

• Secure the Software Development Lifecycle: Partner with engineering teams to embed security into every stage of development. This includes defining standards for container security (EKS) securing CI/CD pipelines with policy-as-code and promoting secure Infrastructure-as-Code (IaC) modules.

• Lead Threat Detection and Response: Design and implement the strategy for cloud threat detection and monitoring. Serve as the primary technical expert during cloud security incidents to guide investigation and containment.

• Govern Data Protection and Encryption: Establish and oversee the enterprise strategy for data security in the cloud defining standards and reference patterns for cryptographic services (KMS) data discovery and service-specific encryption controls.

• Drive Governance Risk and Enablement: Translate compliance requirements (e.g. ISO 27001 SOC 2) into actionable cloud controls. Empower engineers by leading threat modeling sessions facilitating architecture reviews and publishing reusable security patterns.

• Evaluate and Integrate Security Tooling: Lead the evaluation selection and strategic integration of modern cloud security platforms (e.g. CNAPP CSPM CIEM) to provide measurable value and actionable insights.

Qualifications :

• Bachelors or Masters degree in Computer Science Information Security or a related field.

• Extensive experience in security/infrastructure and in designing on AWS at multi-account scale.

• Proven ownership of AWS org-level controls: Organizations/Control Tower SCPs SSO/IAM Identity Center CloudTrail org trails Security Hub GuardDuty.

• Deep hands-on with IAM (STS permission boundaries condition keys role chaining) KMS VPC/TGW/PrivateLink Route 53 WAF/Shield S3 security.

• Strong IaC (Terraform preferred; CloudFormation/CDK fine) and CI/CD integration (GitHub Actions/GitLab/Jenkins).

• Solid EKS security (IRSA PSP/PSS network policies admission control via Kyverno/Gatekeeper) and container supply-chain fundamentals.

• Experience building policy-as-code and guardrails that block risky changes pre-merge without blocking delivery.

• Competent in at least one language (Python or Go) plus shell; capable of writing small tools and automations.

• Excellent stakeholder communication and documentation.

Additional Information :

• Be part of one of the fastest-growing and most visible Fintech startups in Europe creating innovative services that have a substantial impact on the lives of our customers
• Work with an international diverse inclusive and ever-growing team that loves creating the best products for our clients
• Work from our centrally located offices in the heart of Munich or Berlin nestled in lively neighborhoods filled with vibrant restaurants cozy cafés and a wide range of convenient amenities or choose to work remotely within Germany (if eligible for the job)
• Be productive with the latest hardware and tools
• Learn and grow by joining our in-house knowledge sharing or career development sessions and spending your individual Education Budget 
• Learn and experience German culture first hand by joining our free German language classes
• International relocation support is provided if required 
• Flexible vacation policy and the opportunity to work from abroad
• Benefit from an attractive compensation package and from the company pension scheme
• Monthly contribution of 50% for the Deutschland Jobticket
• Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capitals PRIME Broker
• Enjoy flexible and discounted sports activities with Urban Sports Club

#LI-Hybrid

Remote Work :

Yes

Employment Type :

Full-time