Lead Software Security Architect (m/f/d)

G+D makes the lives of billions of people more secure. We develop innovative products and solutions to secure payments, identities, connectivity and data. With more than 160 years of experience and new passion every day. As an international technology group and traditional family business with over 11,000 employees in 32 countries.

We are convinced that various central banks will introduce a digital version of their currency, a so-called Central Bank Digital Currency (CBDC) in the coming years. This will create an entirely new market for products and services that fit perfectly with Giesecke+Devrient's product portfolio. It especially requires an outstanding team to deliver a disruptive innovation of that magnitude. For this, we have set up G+D advance52 GmbH as an independent start-up with a team that has a clear mission for growth and to create a substantial product business.

Security is the most crucial prerequisite for the introduction and operation of a CBDC ecosystem. In this domain we expect yet to be defined security standards way beyond standard payment rails. We need to ensure that we guarantee the required security in terms of our technical design, the product portfolio we build, the operation of a CBDC ecosystem and also from an organizational perspective. We are therefore looking for a Lead Software Security Architect- CBDC (m/f/d) to take on these challenging tasks and ensure that we provide the level of trust that G+D has been valued for by its customers for 170 years.

Your Responsibilities:

• Oversee, coach and steer the definition, implementation and continuously improvement of a secure development process for our product offering, including the development of security guidelines
• Conduct threat modelling and risk assessments for every stage of the product lifecycle
• Select, implement and run static and dynamic application security testing (SAST/DAST) tools
• Collaborate with developers to integrate secure coding practices into CI/CD pipelines
• Work with engineering teams to ensure proper encryption, authentication, and authorization mechanisms are implemented
• Troubleshoot and resolve specific security-related challenges, such as configuring secure APIs or implementing secure data storage practices
• Constantly raise awareness for security related topics for the development team and give hands on support on how to implement relevant security measures into our development processes and secure operations
• Respond to local, internal security audits, analyze audit results and support to define mitigative actions

• Master degree in computer science, security / information security or a related field including engineering, mathematics, physics and other STEM subjects, or equivalent professional experience (5+ in a comparable position in industry or public functions)
• Several years of professional experience in building secure software solutions
• Demonstrated ability to perform the functions of a software security architect in a similarly complex environment, preferably in the domain of a complex product development undertaking
• Solid knowledge developing secure web applications with Go, Rust and in securing containerized applications (Docker, K8s)
• Practical experience in leading threat analysis and using the STRIDE model
• Plus: Experience in IT-security on a critical infrastructure / governmental level/ financial market infrastructure
• Plus: Knowledge and practical experience in the application of relevant standards and norms (e.g., OWASP SAMM / ASVS, ISO 27k, Common Criteria, CROE)

• You will play a driving role in shaping our CBDC solution, thereby having the potential to revolutionize the future of payments
• You will have the opportunity to gain deep knowledge in the cutting edge area of central bank digital currencies
• You will be empowered to achieve your maximum potential through a supportive environment that places trust in your abilities and celebrates your accomplishments
• All that matters here are your work and the results - where, and when you work is flexible
• A competitive market-standard salary

We are an equal opportunity employer! We promote diversity in all its forms and create an inclusive work environment, free from prejudice, discrimination and harassment, in which all employees feel a sense of belonging. We warmly welcome all applications regardless of gender, age, race or ethnic origin, social and cultural background, religion, disability and sexual orientation.

Contact:
Hannah Distler
career@gi-de.com

Apply Here