Key skills
AzureCloudTerraformVaultAIEntra IDCI/CDOWASPCloud Security
About this role
Role Overview
- Define and evolve security standards, architecture baselines, and reference architectures for our platforms, applications, and cloud environments (Azure)
- Ensure compliance with security policies through reviews of architecture decisions, code, and Infrastructure-as-Code
- Implement and integrate security gates, policy-as-code, and automated validations into our CI/CD pipelines
- Perform threat modeling as well as security reviews and audits for applications, web applications, and platform components
- Define and review security standards for web applications and APIs (e.g., OWASP Top 10, OAuth2/OIDC, API Security)
- Advance our cloud and platform security architecture (e.g., Identity & Access Management, network segmentation, landing zones)
- Secure our AI-based applications and data flows against risks such as prompt injection or data exfiltration
- Advise and enable our development teams in secure coding, application security, and secure architectural decisions
Requirements
- Degree in (business) computer science, IT security, or a comparable qualification
- Several years of experience in security architecture, application security, cloud security, or DevSecOps in modern software and cloud environments
- Strong understanding of web application security and modern authentication and API security concepts (e.g., OWASP Top 10, OAuth2/OIDC, API Security)
- Experience with application security and DevSecOps practices, such as security reviews, vulnerability management, security testing, or CI/CD security
- Experience with cloud security architectures and relevant security services, ideally in the Azure ecosystem (e.g., Entra ID, Defender for Cloud, Key Vault, Azure Policy)
- Experience with Infrastructure-as-Code (e.g., Bicep or Terraform) and assessing its security implications
- Knowledge of policy-as-code and automated security checks within modern development and deployment processes
- Preferably experience with cloud or security compliance frameworks or relevant certifications (e.g., AZ-500, SC-100, ISO 27001, SOC 2)
- Structured, pragmatic, and communicative working style, with an understanding of security as an enabler for secure and fast product development
- Excellent written and spoken English; German language skills are a plus.
Tech Stack
- Azure
- Cloud
- Terraform
- Vault
Benefits
- Flexible work: Work hybrid — in the office or from home — and adapt your working hours to your life situation
- Comfortable locations: Modern offices in central locations in Frankfurt am Main or Berlin, well connected and conveniently designed
- Learning and growth: Take the opportunity to gain hands-on experience in exciting projects and further develop your skills
- Team spirit: Enjoy regular team events, afterworks, and networking opportunities to become part of our lively company culture
- Your start: Ready from day one with IT equipment and a cool GRAYOAK merch package