Cloud Security Architect shaping security architecture for scalable cloud solutions at GRAYOAK. Collaborating with cross-functional teams to ensure secure software development and architecture.
Responsibilities
Define and evolve security standards, architecture baselines, and reference architectures for our platforms, applications, and cloud environments (Azure)
Ensure compliance with security policies through reviews of architecture decisions, code, and Infrastructure-as-Code
Implement and integrate security gates, policy-as-code, and automated validations into our CI/CD pipelines
Perform threat modeling as well as security reviews and audits for applications, web applications, and platform components
Define and review security standards for web applications and APIs (e.g., OWASP Top 10, OAuth2/OIDC, API Security)
Secure our AI-based applications and data flows against risks such as prompt injection or data exfiltration
Advise and enable our development teams in secure coding, application security, and secure architectural decisions
Requirements
Degree in (business) computer science, IT security, or a comparable qualification
Several years of experience in security architecture, application security, cloud security, or DevSecOps in modern software and cloud environments
Strong understanding of web application security and modern authentication and API security concepts (e.g., OWASP Top 10, OAuth2/OIDC, API Security)
Experience with application security and DevSecOps practices, such as security reviews, vulnerability management, security testing, or CI/CD security
Experience with cloud security architectures and relevant security services, ideally in the Azure ecosystem (e.g., Entra ID, Defender for Cloud, Key Vault, Azure Policy)
Experience with Infrastructure-as-Code (e.g., Bicep or Terraform) and assessing its security implications
Knowledge of policy-as-code and automated security checks within modern development and deployment processes
Preferably experience with cloud or security compliance frameworks or relevant certifications (e.g., AZ-500, SC-100, ISO 27001, SOC 2)
Structured, pragmatic, and communicative working style, with an understanding of security as an enabler for secure and fast product development
Excellent written and spoken English; German language skills are a plus.
Benefits
Flexible work: Work hybrid — in the office or from home — and adapt your working hours to your life situation
Comfortable locations: Modern offices in central locations in Frankfurt am Main or Berlin, well connected and conveniently designed
Learning and growth: Take the opportunity to gain hands-on experience in exciting projects and further develop your skills
Team spirit: Enjoy regular team events, afterworks, and networking opportunities to become part of our lively company culture
Your start: Ready from day one with IT equipment and a cool GRAYOAK merch package