Security Architect

Security Architect Location: Munich Our client is seeking an experienced professional to lead enterprise security architecture and governance, embedding secure-by-design principles across products, platforms, and operations. In this role you will define standards and risk frameworks to deliver scalable, audit-ready, and business-aligned security outcomes. Key Responsibilities: Own and evolve the Information Security Management System (ISMS), including policies and standards. Define enterprise security architecture, reference models, and governance frameworks. Lead security architecture reviews and enforce consistent decisions across platforms. Govern risk assessment, treatment, and formal risk acceptance processes. Define and align security requirements across domains (e.g., cloud, application, IAM, data, AI/ML). Own the roadmap and lifecycle of governance artefacts (policies, standards, architectures, risk models). Ensure governance outputs are practical, scalable, and aligned to regulatory and business needs. Collaborate with engineering, regional security, and audit teams to drive adoption. Requirements: 7–10+ years’ experience in security architecture, governance, or risk leadership. Strong knowledge of secure-by-design principles and enterprise security frameworks. Experience across multiple domains (e.g., cloud, IT, product, OT). Solid understanding of ISMS and standards such as ISO/IEC 27001. Proven ability to lead architecture reviews and make risk-based decisions. Ability to translate technical risk into business impact. Relevant degree; certifications (e.g., CISM, ISO 27001, TOGAF) are a plus. Fluent in German and English. What’s on Offer? Enterprise-wide impact in a strategic security role. Ownership of security architecture and governance direction. Opportunity to shape secure-by-design practices across technologies. Exposure to senior stakeholders and cross-functional teams.

  Senior IAM Architect Our client is a large international organisation seeking an Enterprise Security Architect to join their Group Information Security function, with a focus on Identity and Access Management. You will sit within the Security Architecture department, responsible for the domain-specific development and ongoing enhancement of a group-wide security architecture, with the goal of ensuring and continuously improving IT security and cyber resilience across the organisation. Key Responsibilities: Analyse cybersecurity IAM trends relevant to the organisation, including regulatory developments and emerging technologies such as AI, Cloud and Non-Human Identities Produce IAM-specific risk assessments as part of technical security architecture design, covering cost, benefit and risk reduction Evaluate IAM threat scenarios and design high-level IAM security architectures, including standards, baselines and reusable artefacts such as patterns and blueprints Drive stakeholder alignment and steer solution design and implementation as subject matter expert, including presenting in group-wide security forums Assess IT security posture against best practices and provide actionable recommendations aligned to ISO and NIST frameworks Your Profile: Degree in Computer Science or a comparable qualification Extensive experience in the Identity and Access Management domain, ideally including proven delivery of IAM architecture within large organisations Strong background in security architecture roles, covering both technology-specific and enterprise-level architecture including target state definition and roadmaps Hands-on experience with IAM platforms and tooling, ideally including: IAM: Microsoft Entra ID / Active Directory, Ping Identity, Okta PAM: CyberArk / BeyondTrust IGA: SailPoint / Oracle OIG Zero Trust: NIST 800-207 Understanding of attacker mindset and offensive security; certifications such as OSCP, CEH or equivalent are advantageous Ability to work independently and take ownership of complex technical topics Strong problem-solving mindset with a structured, solution-oriented approach Fluent in English; German language skills are an advantage

Director SOC Our client is a large international organisation seeking a senior leader for the newly created role of Director Security Operations. This is a central function responsible for overseeing and managing security vulnerabilities across the organisation's security landscape. You will be accountable for effective monitoring, detection and management of vulnerabilities across Cyber and Product Security, ensuring clear, organisation-wide visibility of threats and weaknesses to enable the relevant teams to act. The focus of this role is transparency, prioritisation and consistent follow-through — direct remediation and incident response are outside its scope. Key Responsibilities: Drive the development of organisation-wide security monitoring and detection capabilities Lead the enterprise vulnerability management framework, ensuring systematic identification, prioritisation and tracking of vulnerabilities across IT, cloud and product environments Build and operate a new Product Security Testing Centre, establishing scalable services for vulnerability analysis and penetration testing Provide decision-relevant situational reporting for IT operational security, product security, system owners and senior leadership including the CISO Act as the escalation point for systemic or uncontrolled vulnerabilities, ensuring transparency and clear accountability Your Profile: Proven experience leading functions in security monitoring, threat detection or vulnerability management Strong working knowledge of SIEM, vulnerability scanning and enterprise-scale testing platforms Experience independently leading an organisation-wide vulnerability management programme with the ability to prioritise on a risk basis Familiarity with product security testing, including penetration testing or fuzzing Track record of building scalable, repeatable operational processes with a focus on signal quality over tool proliferation

Penetration Tester Location: Frankfurt Our client is a large international organisation seeking a Penetration Tester to join their information security team. You will join the information security team, helping to ensure products and projects are delivered securely. Key Responsibilities: Plan, execute and track penetration tests, evaluating findings and proposing mitigation actions. Produce clear test reports and maintain statistics for reporting and tracking purposes. Provide technical support to security functions including SOC, risk management and architecture. Coordinate activities such as bug bounties, SAST, DAST, audits and vulnerability scanning. Contribute to secure coding training and awareness initiatives. Serve as the internal point of contact for all penetration testing queries and follow up on findings. Your Profile: Degree in Computer Science, Business Informatics or equivalent IT experience. At least 3 years of hands-on penetration testing experience. Solid understanding of the cyber threat and vulnerability landscape. Certifications such as CompTIA PenTest+, CEH, GPEN or OSCP are advantageous. Self-driven and results-oriented, with the ability to work independently. Advanced English proficiency; additional languages are a plus.