Job
- Level: Senior
- Job Field: IT, Application, Security
- Employment Type: Full Time
- Contract Type: Permanent employment
- Location: Munich
- Working Model: Onsite
Job Summary
In this role, you ensure that software components implement 'Security by Design', derive security requirements, conduct risk assessments, and coach interdisciplinary teams on application security best practices.
Your role in the team
- You ensure that internal and external software components implement 'Security by Design' — from architecture to go-live in the customer project.
- You derive security requirements from contracts, standards, and customer expectations, and translate them into clear specifications for projects and suppliers.
- You conduct threat and risk assessments for applications and integrations and define concrete, prioritized measures.
- You review software, interface, and integration designs for security and coordinate closely with internal teams and the client's IT department.
- You oversee SSDLC practices in third-party developments and coach internal teams on secure development best practices.
- You coordinate vulnerability management, patch strategies, and exception processes for all integrated software components.
- You plan, oversee, and evaluate security tests and define security acceptance criteria for key project milestones.
- You create customer-oriented security documentation and audit artifacts, and drive security topics forward in workshops and supplier reviews.
Our expectations of you
Education
- Completed degree in Computer Science, Information Security, Electrical Engineering, or a comparable STEM field - or an equivalent qualification.
Qualifications
- In-depth knowledge of Threat Modeling, risk analyses, and common vulnerability classes (e.g., OWASP Top 10, CWE) as well as their countermeasures.
- Ability to systematically prepare complex security topics and communicate them appropriately to the audience - from developers to customer management and suppliers.
- Excellent spoken and written English skills; French is a big plus, German skills are advantageous.
- High willingness to travel (approximately 25% international) and enjoyment of working in interdisciplinary, globally distributed project teams.
Experience
- Several years of experience in designing and evaluating secure software architectures and integrations, ideally in critical infrastructures, production, or a security/software tech environment.
- Application security is your passion; you have practical experience with frameworks such as OWASP SAMM, NIST SSDF (SP 800-218), and IEC 62443-4-1.
- Experience with Secure SDLC/SSDLC processes, CI/CD pipelines, and typical security gates (code reviews, security testing, release approvals).
This is your employer
Giesecke+Devrient
Giesecke+Devrient is a global security technology company, active in both the physical and the digital world. Billions of people benefit from G+D in their private and business lives.
Description
- Founding year: 1852
- Company Type: Established Company
- Working Model: Hybrid, Onsite
- Industry: Internet, IT, Telecommunication