In Cyclad we work with top international IT companies in order to boost their potential in delivering outstanding, cutting edge technologies that shape the world of the future. Currently, we are looking for an experienced consultant to support and advise on platform and security architecture management. The role involves ensuring that secure design principles, architecture patterns, and governance processes are effectively implemented across enterprise platforms. The consultant will collaborate with cross-functional teams to strengthen security posture, improve compliance, and drive continuous process improvement.

Project information:

• Location: remotely with business travels to Frankfurt am Main
• Type of employment: B2B contract
• Remuneration: up to 400 EUR per day on B2B
• Project language: English

Your tasks:

• Conducting an initial assessment of the current state of EDP development.
• Providing expert consultancy on platform architecture management and product line (security) architecture management, focusing on security guiding principles, access controls, integration points, and secure design principles.
• Identifying critical integration points and advising on secure integration patterns between platform services and external systems.
• Recommending the adoption of secure design principles throughout the platform lifecycle (e.g., defense-in-depth, least privilege, secure default configurations).
• Addressing potential platform risks by consulting and communicating security and compliance controls based on CRS rulebooks, and collaborating with platform architecture management to integrate security into designs.
• Staying current with evolving security and compliance regulations and communicating relevant updates to EDP stakeholders.
• Translating and disseminating security architecture guiding principles and patterns to platform architecture and engineering teams.
• Organizing knowledge-sharing sessions, workshops, and training on security best practices and emerging threats.
• Reviewing and providing feedback on architectural blueprints to ensure alignment with security principles and standards.
• Consulting on architectural decision-making by demonstrating practical applications and benefits of proposed security principles.
• Monitoring the adoption and effectiveness of security patterns and recommending improvements when necessary.
• Advising cross-functional EDP stakeholders (platform architecture, product management, CRO, DevOps, etc.) on effective security governance and risk management processes.
• Developing, maintaining, and reviewing documentation for security architecture management processes, practices, and compliance activities.
• Designing and establishing clear process guidelines for security reviews and incident management.
• Fostering collaboration between platform and security architecture teams to ensure shared understanding of processes and responsibilities.
• Regularly evaluating security processes to identify improvement opportunities and ensure alignment with evolving business and technology requirements.

Requirements:

• Minimum 5 years of experience in security architecture, cloud security, or related fields.
• Proven expertise in security architecture principles, secure design patterns, and frameworks.
• Experience in at least one of the following areas:
  • Security Architecture and Design
  • Cloud Security
  • Identity and Access Management (IAM)
  • Application Security
  • DevSecOps and Automation
  • Incident Response and Resilience
  • Cryptography and Data Protection
• Strong ability to translate technical security requirements into actionable designs and documentation.
• Hands-on experience in designing and implementing security and compliance controls for platforms.
• Familiarity with threat modeling methodologies, risk assessment, and DevSecOps practices.
• Experience with cloud posture management and detection tools (CSPM, KSP, Workload Protection) and response toolsets (SIEM, EDR, XDR).
• Good understanding of security and compliance frameworks such as ISO/IEC 27001, CSA CCM, BSI Grundschutz, CSI, NIST CSF, and NIST OSCAL.
• Knowledge of sector-specific regulations, including NIS2, CRA, KRITIS, and BSI C5.
• Excellent communication and stakeholder management skills.
• Fluent in English (C1 level), both spoken and written.

We offer:

• Private medical care with dental care (covering 70% of costs) + rehabilitation package. Family package option possible.
• Multisport card (also for an accompanying person).
• Life insurance.
• Work with talented engineers on large-scale, technically challenging projects.