Security Architect

Role & responsibilities

Security Architecture

• Our security architects play a key role in shaping the future of Allianz by making sure that security guidelines in our teams are well defined and followed.
• Security Architects will be responsible for designing, building, testing and providing technical assistance during implementation security systems within our IT network.
• Security Architects are expected to have a thorough understanding of complex IT systems, corresponding technical security controls design and solutioning and stay up to date with the latest technical trends, security standards, systems and authentication protocols, as well as security best practices and security products.
• Understanding the existing environment, product solution, platform and network architecture
• Designing of security controls around technical architecture created by other architects
• Assessing security posture on-premise as well as on-cloud deployments
• Planning, researching, and designing security architecture patterns
• Reviewing and improving the security designs
• Defining and working on guidelines and assessments of our IT systems / platforms in terms of security measurements based on Allianz security standards
• Enabling the usage of security patterns and steer standardization
• Solid understanding of security protocols, standards (OWASP, NIST etc) and S-SDLC controls
• Knowledge of enterprise security architecture and interaction of different security components and teams with each other
• Executing trainings for the Security Champions

1. Application Security

• Assessing security posture of the given service / application / API
• Conducting threat modelling on given setup and preparing threat modelling report
• Coordinating with technical architects and explaining design level security issues
• Reviewing current system security measures and recommending and implementing enhancements
• Designing solutions for identified security issues / risks and providing assistance in the implementation process
• Applied Cryptography (Digital signature, mTLS, SLE, TDE etc.)

2. Cloud Security (AWS preferably)

• Assessing security posture on-premise as well as on-cloud deployments
• Understanding of security aspects of different cloud native services / component such as storage components, network components, compute components etc.
• Staying updated on the latest security systems, standards, authentication protocols, and products.

3. DevSecOps

• Understanding of DevSecOps setup, security controls required for the automation
• Integrating security tools and practices in CI/CD pipeline to automate software security testing as a part of DevSecOps setup
• Knowledge of software engineering practices & best practices for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations

4. Infrastructure and Network Security

• Fundamental knowledge of infrastructure and network security (CSPM,CWP)
• Basic awareness of Security controls at infrastructure and network security (Use of Technical / system accounts, Privileged access management, NSG / NACLs etc.)

5. Risk and Compliance

• Working closely with respective ISO / PSO functions
• Understanding technical requirements to comply with applicable regulations e.g. GDPR
• Implementation level knowledge of security policies of the organisation

Preferred candidate profile

• A Computer science degree from a recognised University. (Optional)
• Extensive prior experience in different Technical Cyber Security domains (Mandatory)
• Overall work experience of 10+ years with minimum 8 years of relevant experience
• In depth knowledge/Expertise/Experience in Security Architecture
• Professional certification(s) in related field (CISSP, CCSP, CEH, GPEN, OSCP,) (MUST)
• Professional certification(s) in cloud computing (AWS /Azure) and architecture certification like SABSA (Desirable)
• Knowledge in emerging technologies eg: GenAI
• Good understanding of how the organization works (identify owners and decision makers)
• Intercultural awareness, intellectual grasp and hands-on attitude
• Good analytical, solution design and problem-solving skills; Decision making at proposal stage
• Pro-activeness and able to work independently with minimal supervision
• Ability to communicate and cooperate efficiently in a professional environment
• Good MS Office skills (particularly MS Excel)
• Business fluent in English (reading and writing)

Additional perks and benefits will be provided.