Lead Security Architect
Vor 5 Tagen
The Opportunity:
As we expand our engineering team beyond 100 members, we are establishing a tech leadership pathway that will facilitate our growth. In the role of Principal Engineer for Product Security, you will have the unique opportunity to define this position and cultivate the tech leadership culture alongside the Director of Tech Leadership.
In this capacity, you will tackle complex technical challenges associated with our innovative product offerings. Our commerce APIs manage sensitive information, including customer accounts and transactions. The Merchant Center, our administrative tool, incorporates a complex permission framework built upon our APIs. Your role will empower product teams to integrate security from the outset within a multi-cloud infrastructure.
Your Mission:
- Develop a unified security framework and operational best practices, particularly for new services and teams.
- Train product teams on conducting risk evaluations, identifying threats, and designing secure applications (including API-first solutions).
- Assess requirements and application designs, assisting product teams in addressing any deficiencies.
- Facilitate the integration of SAST, DAST, and SCA tools into the development lifecycle.
- Organize external penetration assessments and guide teams in rectifying identified vulnerabilities.
- Collaborate with development teams to resolve security challenges and enhance overall security.
- Rapidly investigate emerging attack vectors to help teams implement effective security measures.
- Support teams during certification audits.
- Identify skill gaps and promote security knowledge sharing across the organization with our internal knowledge management team.
- Initiate enhancements that impact multiple teams to bolster our Product Security, while also bringing your colleagues' ideas to fruition.
- Lead organizational communication on long-term initiatives, ensuring successful adoption.
- Work closely with Product Management, fellow Principal Engineers, the Head of Engineering, as well as legal and compliance teams.
- Contribute to the evolution of our technical vision and advocate for it within the organization.
What you need to succeed:
- A robust technical foundation and a proven history in a hands-on Product Security role (5+ years).
- Experience enhancing Product Security in a leadership capacity (2+ years).
- Proficiency in Secure Architecture design evaluations and Threat Modeling.
- Expertise in embedding Security at various stages of the Software Development Life Cycle (SDLC).
- Familiarity with Static Analysis and Secure Code Review implementations for early detection of security vulnerabilities in the SDLC.
- Strong understanding of Linux systems, Kubernetes, Terraform, Vault, API, and web application security.
- Relevant Security Certifications such as CISSP, CCSP, Certified Kubernetes Security Specialist, or cloud security certifications (GCP/AWS/Azure).
- Practical experience in DevSecOps, with proficiency in at least one scripting language (e.g., JavaScript, Go).
- Ability to analyze security challenges and associated organizational issues.
- Project management experience, particularly for initiatives impacting multiple teams.
- Experience working in an Agile environment with a strong focus on customer needs.
- Proven track record in setting up and conducting training sessions.
- Excellent written and verbal communication skills.
- Proficiency in English for effective collaboration in an international setting.
- Strong self-assessment capabilities.
- A passion for sharing knowledge and a commitment to continuous personal and professional development in leadership and emerging technologies.
We care about your growth and well-being
Competitive Compensation Package: A generous compensation structure that includes salary, a competitive stock option plan, and a variety of benefits and perks.
Workation: Opportunity to work up to 60 days annually in a country different from your home country.
Learning & Development Budget
Academy: Regular training sessions, along with access to Coursera and Babbel courses.
Our Benefits: Explore our offerings by office.
Flexibility: Whether you are a morning person or a night owl, we prioritize outcomes and motivated employees.
Mindset & Growth: We foster a diverse workplace with an open, international culture and a commitment to learning.
Come grow with us
Our diversity is our strength. We hire exceptional individuals from a wide range of backgrounds, not only because it is the right thing to do, but because it enhances our company.
commercetools is proud to be a diverse environment and an equal opportunity employer. We encourage applications from candidates whose professional profiles align with our specific hiring criteria and Guiding Stars. We assess competencies, future potential, learning approaches, and passion, without regard to age, color, national origin, religion, gender, gender identity or expression, sexual orientation, familial status, genetics, or disability.
-
Sdv lead incar security architect
vor 2 Monaten
Munich, Bayern, Deutschland T-Systems International GmbH VollzeitAufgabe Als SDV Lead In Car Security Architect & Developer (w/m/d) erstellst du zusammen mit deinem Team umfassende Security Lösungen für das Software Defined Vehicle. Hierzu gehören unter anderem: Die schwerpunktmäßige Konzeption von Security relevanten Fahrzeugfunktionen Du bist im Bereich der Architektur stark und unterstützt dein Team "hands-on"...
-
Lead Global Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland ZEISS VollzeitElevate Your Career as a Lead Global Security ArchitectStep beyond conventional boundaries and redefine the potential of your career. At ZEISS, you will find yourself in a contemporary environment brimming with opportunities for professional growth, where expertise and collaboration are paramount.Our unique ownership structure is aligned with the long-term...
-
Lead Digital Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland ZEISS Group VollzeitYour Role The Business Information Security (InfoSec) Enablement team at ZEISS Group plays a pivotal role in ensuring that our corporate information security aligns with business objectives. This function is dedicated to empowering ZEISS Business Segments and Units to execute their strategic initiatives with a focus on security by design, meeting the...
-
Lead Digital Information Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland ZEISS Group VollzeitYour Role The Business Information Security (InfoSec) Enablement team at ZEISS Group is dedicated to enhancing corporate information security with a strong focus on business support and enablement. This global function is responsible for assisting ZEISS Business Segments and Units in implementing a strategic agenda that incorporates security by design,...
-
Lead Digital Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland ZEISS Group VollzeitYour Role The Business Information Security (InfoSec) Enablement team at ZEISS Group is dedicated to fostering a robust security framework that aligns with our global business objectives. This team plays a pivotal role in empowering ZEISS Business Segments and Units to implement security measures that are integrated into their operational strategies,...
-
Lead Digital Information Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland ZEISS Group VollzeitYour Role The Business Information Security (InfoSec) Enablement team at ZEISS Group is dedicated to enhancing corporate information security with a strong focus on business support and enablement. This global initiative aims to assist ZEISS Business Segments and Units in implementing a strategic agenda that prioritizes security by design, aligning with...
-
Lead Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland Mattermost VollzeitCompany OverviewMattermost is a leader in secure, workflow-oriented collaboration, catering to technical and operational teams that require top-tier security and trust. Our clientele spans across various sectors including technology, public service, national defense, and financial services, featuring some of the largest organizations globally.Position...
-
Lead Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland Mattermost VollzeitCompany OverviewMattermost is a leading provider of secure, workflow-centric collaboration solutions tailored for technical and operational teams that require stringent security and trust standards. Our clientele spans various sectors, including technology, public services, national defense, and financial institutions, featuring organizations from tech...
-
Lead Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland Mattermost VollzeitAbout MattermostAt Mattermost, we deliver secure, workflow-oriented collaboration solutions tailored for technical and operational teams that require top-tier security and trust standards. Our clientele spans various sectors, including technology, public service, national defense, and financial services, featuring organizations from major tech firms to the...
-
Team Leader
vor 2 Wochen
Munich, Bayern, Deutschland Lufthansa Group Security Operations GmbH VollzeitJob Title: Team Leader - Operational Security SpecialistAbout the Role:We are seeking a highly skilled and experienced Team Leader to join our Operational Security team at Lufthansa Group Security Operations GmbH. As a Team Leader, you will be responsible for leading a team of security professionals and ensuring the highest level of security and order across...
-
Team Leader
Vor 5 Tagen
Munich, Bayern, Deutschland Lufthansa Group Security Operations GmbH VollzeitJob Title: Team Leader - Operational Security SpecialistAbout the Role:We are seeking a highly skilled and experienced Team Leader to join our Operational Security team at Lufthansa Group Security Operations GmbH. As a Team Leader, you will be responsible for leading a team of security professionals and ensuring the highest level of security and order across...
-
Lead Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland commercetools VollzeitThe Opportunity: As we expand our engineering team beyond 100 professionals, we are establishing a tech leadership pathway to facilitate further growth. In the role of Principal Engineer for Product Security, you will have the unique opportunity to define this position and cultivate the tech leadership culture alongside the Director of Tech Leadership. ...
-
Lead Security Architect
Vor 5 Tagen
Munich, Bayern, Deutschland commercetools VollzeitThe Opportunity: As we expand our engineering team beyond 100 professionals, we are establishing a tech leadership pathway to facilitate further growth. In the role of Principal Engineer for Product Security, you will have the unique opportunity to define this position and cultivate the tech leadership culture alongside the Director of Tech Leadership. ...
-
Security Architect
Vor 7 Tagen
Munich, Bayern, Deutschland FERCHAU - Niederlassung München IT VollzeitAbout FERCHAU - Niederlassung München ITWe are a leading IT consulting company that connects people and technologies to deliver innovative solutions for our clients. Our team of experts is passionate about shaping the future of technology and driving business success.Job SummaryWe are seeking a highly skilled Security Architect to join our team in Munich....
-
Security Architect
Vor 5 Tagen
Munich, Bayern, Deutschland FERCHAU - Niederlassung München IT VollzeitAbout FERCHAU - Niederlassung München ITWe are a leading IT consulting company that connects people and technologies to deliver innovative solutions for our clients. Our team of experts is passionate about shaping the future of technology and driving business success.Job SummaryWe are seeking a highly skilled Security Architect to join our team in Munich....
-
Principal Security Architect
Vor 5 Tagen
Munich, Bayern, Deutschland commercetools VollzeitAbout the Role:We are seeking a highly skilled Principal Security Architect to join our team at commercetools. As a key member of our tech leadership team, you will play a critical role in shaping our security architecture and driving the adoption of secure practices across the organization.Key Responsibilities:Create and maintain a comprehensive security...
-
Principal Security Architect
Vor 7 Tagen
Munich, Bayern, Deutschland commercetools VollzeitAbout the Role:We are seeking a highly skilled Principal Security Architect to join our team at commercetools. As a key member of our tech leadership team, you will play a critical role in shaping our security architecture and driving the adoption of secure practices across the organization.Key Responsibilities:Create and maintain a comprehensive security...
-
Lead Security Architect
vor 4 Wochen
Munich, Bayern, Deutschland Mattermost VollzeitAbout MattermostMattermost is a pioneering provider of secure, workflow-focused collaboration solutions tailored for technical and operational teams that require top-tier security and trust standards. Our clientele spans various sectors, including technology, public services, national defense, and financial services, encompassing both major tech corporations...
-
Application Security Architect SAP
vor 2 Monaten
Munich, Bayern, Deutschland Giesecke+Devrient GmbH VollzeitMit unserer Expertise schaffen wir Raum für Ideen, die die Welt bewegen.Application Security Architect SAP (m/w/d)G+D macht das Leben von Milliarden von Menschen weltweit sicherer. Wir schaffen Vertrauen im digitalen Zeitalter, mit integrierten Sicherheitstechnologien in drei Geschäftsbereichen: Digital Security, Financial Platforms und Currency...
-
Cloud Security Architect
Vor 2 Tagen
Munich, Bayern, Deutschland NVISO VollzeitAbout NVISONVISO is a leading provider of cyber security services to private and governmental organizations. Our mission is to protect European society from potentially devastating cyber attacks.We are committed to offering our clients a highly competitive remuneration package, including financial and non-financial components.Job SummaryWe are seeking a...