Cyber Security Architect

As a Cyber Security Architect, you will design, evaluate, and implement robust security architectures for enterprise-scale energy systems, OT / IT convergence, and cloud-native environments. You’ll work closely with platform, infrastructure, and application teams to ensure cyber resilience across digital transformation programs.

This is a hands-on, technically challenging position requiring deep expertise in secure architecture design, risk modelling, and implementation oversight across diverse environments—cloud, hybrid, and on-prem.

Key Responsibilities

• Architect and document security blueprints for IT, OT, and cloud environments (AWS, Azure, on-prem hybrid).
• Lead the definition and implementation of zero-trust architectures , secure network segmentation, and identity federation across business units.
• Perform threat modeling and risk assessments for new projects and existing systems (using STRIDE, DREAD, MITRE ATT&CK, etc.).
• Define security controls, policies, and guardrails for platforms (e.g., Kubernetes, Kafka, SAP S / 4HANA, IoT gateways).
• Guide DevOps and CloudOps teams in implementing "security by design" within CI / CD pipelines and Infrastructure as Code (IaC).
• Collaborate with SOC, GRC, and compliance teams to ensure technical controls align with ISO 27001, NIS2, and EU energy regulations .
• Evaluate third-party solutions and services for integration and compliance with enterprise security frameworks.
• Act as the lead security SME for architectural reviews, incident root cause analysis, and red / blue team feedback cycles.

Requirements

• 10+ years in IT Security, including 5+ years as a Security Architect in enterprise or critical infrastructure environments.
• Deep knowledge of cloud security architecture (preferably AWS and Azure), network security, PKI, encryption standards, IAM, and SIEM integration.
• Strong experience in OT / ICS security (IEC 62443, Purdue Model, SCADA protocols).
• Proficiency with IaC and security automation tools (Terraform, Ansible, Sentinel, etc.).
• Familiarity with container security (e.g., K8s hardening, image scanning, service mesh security).
• Solid understanding of regulatory environments : GDPR, NIS2, ISO / IEC 27001, BSI Grundschutz.
• Security certifications preferred : CISSP, CISM, CCSP, TOGAF with SABSA, or GIAC / GICSP .

What We Offer

• A strategic security role with real impact across critical energy infrastructure.
• Access to modern tools, labs, and budgets for proof-of-concept security innovation.
• Supportive, highly skilled colleagues in one of Europe’s most important energy providers.
• Flexible working model (on-site / remote mix) with a Munich base.

Security Architect • Munich, Bavaria, Germany