(Senior) Cloud Security Architect (mfx)

München - Germany

Monthly Salary: Not Disclosed

Posted on: 17 days ago

Vacancies: 1 Vacancy

Department:

Engineering

Job Summary

Were looking for a Senior Cloud Security Architect to own and evolve our AWS security architecture across a multi-account environment. Youll define guardrails design secure patterns and partner with platform and product teams to ship resilient compliant services at speed.

What youll do

Architect Cloud Foundations: Support the strategy for our core AWS environment including our multi-account structure network security patterns (TGW VPCs) and identity and access management (IAM) at scale.
Secure the Software Development Lifecycle: Partner with engineering teams to embed security into every stage of development. This includes defining standards for container security (EKS) securing CI/CD pipelines with policy-as-code and promoting secure Infrastructure-as-Code (IaC) modules.
Lead Threat Detection and Response: Design and implement the strategy for cloud threat detection and monitoring. Serve as the primary technical expert during cloud security incidents to guide investigation and containment.
Govern Data Protection and Encryption: Establish and oversee the enterprise strategy for data security in the cloud defining standards and reference patterns for cryptographic services (KMS) data discovery and service-specific encryption controls.
Drive Governance Risk and Enablement: Translate compliance requirements (e.g. ISO 27001 SOC 2) into actionable cloud controls. Empower engineers by leading threat modeling sessions facilitating architecture reviews and publishing reusable security patterns.
Evaluate and Integrate Security Tooling: Lead the evaluation selection and strategic integration of modern cloud security platforms (e.g. CNAPP CSPM CIEM) to provide measurable value and actionable insights.

Qualifications :

Bachelors or Masters degree in Computer Science Information Security or a related field.
Extensive experience in security/infrastructure and in designing on AWS at multi-account scale.
Proven ownership of AWS org-level controls: Organizations/Control Tower SCPs SSO/IAM Identity Center CloudTrail org trails Security Hub GuardDuty.
Deep hands-on with IAM (STS permission boundaries condition keys role chaining) KMS VPC/TGW/PrivateLink Route 53 WAF/Shield S3 security.
Strong IaC (Terraform preferred; CloudFormation/CDK fine) and CI/CD integration (GitHub Actions/GitLab/Jenkins).
Solid EKS security (IRSA PSP/PSS network policies admission control via Kyverno/Gatekeeper) and container supply-chain fundamentals.
Experience building policy-as-code and guardrails that block risky changes pre-merge without blocking delivery.
Competent in at least one language (Python or Go) plus shell; capable of writing small tools and automations.
Excellent stakeholder communication and documentation.

Additional Information :

Be part of one of the fastest-growing and most visible Fintech startups in Europe creating innovative services that have a substantial impact on the lives of our customers
Work with an international diverse inclusive and ever-growing team that loves creating the best products for our clients
Work from our centrally located offices in the heart of Munich or Berlin nestled in lively neighborhoods filled with vibrant restaurants cozy cafés and a wide range of convenient amenities or choose to work remotely within Germany (if eligible for the job)
Be productive with the latest hardware and tools
Learn and grow by joining our in-house knowledge sharing or career development sessions and spending your individual Education Budget
Learn and experience German culture first hand by joining our free German language classes
International relocation support is provided if required
Flexible vacation policy and the opportunity to work from abroad
Benefit from an attractive compensation package and from the company pension scheme
Monthly contribution of 50% for the Deutschland Jobticket
Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capitals PRIME Broker
Enjoy flexible and discounted sports activities with Urban Sports Club

#LI-Hybrid

Remote Work :

Employment Type :

Full-time

What youll do

Architect Cloud Foundations: Support the strategy for our core AWS environment including our multi-account structure network security patterns (TGW VPCs) and identity and access management (IAM) at scale.
Secure the Software Development Lifecycle: Partner with engineering teams to embed security into every stage of development. This includes defining standards for container security (EKS) securing CI/CD pipelines with policy-as-code and promoting secure Infrastructure-as-Code (IaC) modules.
Lead Threat Detection and Response: Design and implement the strategy for cloud threat detection and monitoring. Serve as the primary technical expert during cloud security incidents to guide investigation and containment.
Govern Data Protection and Encryption: Establish and oversee the enterprise strategy for data security in the cloud defining standards and reference patterns for cryptographic services (KMS) data discovery and service-specific encryption controls.
Drive Governance Risk and Enablement: Translate compliance requirements (e.g. ISO 27001 SOC 2) into actionable cloud controls. Empower engineers by leading threat modeling sessions facilitating architecture reviews and publishing reusable security patterns.
Evaluate and Integrate Security Tooling: Lead the evaluation selection and strategic integration of modern cloud security platforms (e.g. CNAPP CSPM CIEM) to provide measurable value and actionable insights.

Qualifications :

Bachelors or Masters degree in Computer Science Information Security or a related field.
Extensive experience in security/infrastructure and in designing on AWS at multi-account scale.
Proven ownership of AWS org-level controls: Organizations/Control Tower SCPs SSO/IAM Identity Center CloudTrail org trails Security Hub GuardDuty.
Deep hands-on with IAM (STS permission boundaries condition keys role chaining) KMS VPC/TGW/PrivateLink Route 53 WAF/Shield S3 security.
Strong IaC (Terraform preferred; CloudFormation/CDK fine) and CI/CD integration (GitHub Actions/GitLab/Jenkins).
Solid EKS security (IRSA PSP/PSS network policies admission control via Kyverno/Gatekeeper) and container supply-chain fundamentals.
Experience building policy-as-code and guardrails that block risky changes pre-merge without blocking delivery.
Competent in at least one language (Python or Go) plus shell; capable of writing small tools and automations.
Excellent stakeholder communication and documentation.

Additional Information :

Be part of one of the fastest-growing and most visible Fintech startups in Europe creating innovative services that have a substantial impact on the lives of our customers
Work with an international diverse inclusive and ever-growing team that loves creating the best products for our clients
Work from our centrally located offices in the heart of Munich or Berlin nestled in lively neighborhoods filled with vibrant restaurants cozy cafés and a wide range of convenient amenities or choose to work remotely within Germany (if eligible for the job)
Be productive with the latest hardware and tools
Learn and grow by joining our in-house knowledge sharing or career development sessions and spending your individual Education Budget
Learn and experience German culture first hand by joining our free German language classes
International relocation support is provided if required
Flexible vacation policy and the opportunity to work from abroad
Benefit from an attractive compensation package and from the company pension scheme
Monthly contribution of 50% for the Deutschland Jobticket
Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capitals PRIME Broker
Enjoy flexible and discounted sports activities with Urban Sports Club

#LI-Hybrid

Remote Work :

Employment Type :

Full-time

Key Skills

Apache Hive
S3
Redshift
Spark
AWS
Solr
NoSQL
Data Warehouse
Internet Of Things
Kafka
DynamoDB
ZooKeeper

Apply Now

About Company

Scalable GmbH

Scalable Capital is a leading FinTech in Europe, bringing people and technology-based investment together. The company was founded in 2014 and has offices in Munich, Berlin and London. For private individuals, Scalable Capital offers a broker with a trading flat rate and interest and ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click