Lead Security Architect

This is a fully remote position, open to applicants in Germany.

📋 Description

• Take ownership of and enhance the security and compliance across the organization.

• Spearhead security initiatives across infrastructure, applications, internal systems, and employee devices.

• Detect risks and vulnerabilities throughout the organization and ensure they are effectively managed.

• Develop scalable security processes and best practices across various teams.

• Manage the organization's compliance posture by defining target frameworks, driving progress, and ensuring requirements are integrated into daily operations.

• Coordinate audits and oversee external security activities.

• Maintain relationships with external security firms and auditors.

• Guide the organization through comprehensive compliance framework certifications.

• Organize and conduct security reviews and external audits, ensuring that findings are documented and addressed.

• Serve as the internal authority on external security requirements and regulatory expectations.

• Foster security awareness throughout the organization.

• Develop and manage the company's security awareness and training program.

• Champion application security initiatives.

• Oversee the Secure Software Development Lifecycle (Secure SDLC) within the engineering organization.

• Collaborate closely with engineering teams to ensure secure product design and implementation, diving into details as necessary.

• Personally evaluate tools, frameworks, and architectures for security vulnerabilities and ensure that findings prompt action.

• Manage Web3 security initiatives.

• Leverage a strong understanding of Web3-specific security risks, including smart contract vulnerabilities, protocol exploits, wallet and key management, and on-chain threat vectors.

• Oversee AI security protocols.

• Identify and address security risks associated with AI-driven tools, agents, and automation.

• Implement security tools and automation processes.

• Direct the security tooling strategy by defining requirements, assessing solutions, and driving their implementation.

• Establish standards for monitoring, incident response processes, and security workflows.

• Ensure security is consistently integrated into engineering pipelines and tooling.

⛳️ Requirements

• Demonstrated experience in leading or owning a security function, rather than merely executing within one.

• A background in security engineering or architecture, with an understanding of system construction and vulnerabilities.

• Experience in developing or enhancing security programs in dynamic engineering environments.

• Familiarity with Web3 or payments fintech sectors.

• Strong understanding of key compliance frameworks, including SOC 2, ISO 27001, DORA, MiCA, the EU AI Act, NIS2, and associated standards.

• Proven experience guiding organizations through the entire certification and audit processes, not just familiarity with the frameworks.

• Solid grasp of contemporary application security practices.

• Experience in conducting security reviews, threat modeling, and vulnerability management.

• Knowledge of cloud infrastructure security and developer tools.

• Understanding of AI security risks and emerging attack vectors is highly advantageous.

• Experience in managing or mentoring security teams is a plus.

• A strategic thinker who can translate risk into priorities and articulate them clearly to leadership.

• Comfortable operating independently in a fast-paced, uncertain environment.

• Ability to influence without formal authority across engineering and leadership teams.

• Proactively identify issues before they escalate.

🏝️ Benefits

• 30 days of paid time off (PTO).

• Flexible remote working days.

• Flexible working hours.

• Equity participation from day one.

• Provision of a work computer (choice of equipment).

• An annual personal development budget of 1,000€ after six months of employment (prorated in the first year).

• A one-time remote budget of 1,000€ for coworking, office setup, etc.