Your Mission
You will lead end-to-end ‘secure by design’ transformation programmes for our enterprise clients. These projects span several quarters and involve multiple teams, with you being responsible for the technical strategy, customer relationships and the final outcome.
Your Role
- Lead a Secure by Design transformation within the product organisation of a DAX 30 client, involving over 100 engineers, more than 20 product teams and an 18-month roadmap. You will be responsible for the target architecture, the rollout plan and the communication with the CISO and CTO.
- Run a cloud security programme for a critical infrastructure operator preparing for an audit. You will define the control framework, risk assessment and security architecture, integrate these into AWS/Azure/GCP landing zones, and report to senior management.
- Shape a company-wide AI security programme (LLMs, agent-based systems, MLSecOps) for a client preparing for the EU AI draft, translating the regulation into technical reality.
- Build a Secure SDLC programme from scratch for a fast-growing product company, including CI/CD security tools, large-scale threat modelling, a network of security officers, and KRIs that the board actually reads.
- Internally, you’ll help shape the practice itself: methodologies, accelerators, recruitment, talent development, and the development of our AI-powered Secure-by-Design product.
- AWS
- Azure
- GCP
- Kubernetes
- Terraform
- GitHub Actions
- GitLab CI
- Azure DevOps
- SonarQube
- Snyk
- STRIDE
- PASTA
- MAESTRO
- NIS2
- CRA
- EU AI Act
Your Profile
Must haves
- At least 7 years’ experience in cybersecurity, with a proven track record of successfully leading end-to-end client programmes for large enterprises
- In-depth technical expertise in cloud security (AWS, Azure or GCP) and modern software development practices (CI/CD, IaC, containers)
- Hands-on experience in leading transformations in the areas of ‘Secure-by-Design’, security architecture, Secure SDLC, cloud security or AI security at enterprise level
- You are comfortable steering the room with CISOs, CTOs and product leadership and at ease in an architecture deep-dive with a senior engineer
- Ready to work on-site three days a week and open to working at our clients’ sites in the DACH region for up to five days a month
A real plus
- Experience in at least one of the following areas: AI security / MLSecOps, Kubernetes platform security, regulatory programmes (NIS2, DORA, CRA, EU AI Act)
- Certifications in cloud security (CCSP, AWS / Azure / GCP Security Specialty)
- Proven track record in building and managing consulting teams or security champions
- You have a public presence, e.g. through presentations, publications, OSS, or a blog
Your Benefits
- Salary: €100,000–€130,000 plus performance-based bonus
- We support EU Blue Card sponsorship and offer a relocation package for international hires
- 30 days of vacation plus additional days off on Christmas, New Year’s Eve, and your birthday
- Hybrid work with two remote days per week, trust-based working hours in line with the needs of your family and your commute, and the option of workations to fairly balance your children’s school holidays with your mission with us.
- Individual learning and development opportunities, including full coverage of advanced trainings, certification costs, and educational leave for exam days
- In-house gym, massage chairs, gaming area, and dedicated break spaces
- Regular team events and plenty of space for real collaboration
