Posted 1w ago

Senior Software Security Architect CT (m/f/d) (m/w/d) 1 (Munich, DE)

@ Giesecke+Devrient
Munich, Bavaria, Germany
Onsite, Full Time
Responsibilities: Ensure security, Derive requirements, Perform assessments
Requirements Summary: Senior software security expert with design and assessment experience; security by design; SDLC/SSDLC; threat modeling; communication with developers and customers.
Technical Tools Mentioned: Threat modeling, Secure SDLC, CI/CD
Job Description

Focus: Security by Design & Secure Software Integration in Customer Projects


You worry more about insecure interfaces than about downtime – and for you, software is only “done” when it’s securely integrated?


At Giesecke+Devrient Currency Technology (CT), you protect the software landscape around the cash cycle: from supplier applications to in‑house CT solutions running in high-security cash centers, banknote printing facilities and data centers worldwide.




Your responsibilities


 



  • Ensure that internal and external software components follow “Security by Design” principles – from architecture to go-live in customer projects.

  • Derive and manage security requirements from contracts, standards and customer expectations, and turn them into clear guidelines for projects and suppliers.

  • Perform threat and risk assessments for applications and integrations and define concrete, prioritized mitigation measures.

  • Review software, interface and integration designs from a security perspective and closely align with internal teams and customer IT.

  • Oversee SSDLC / secure SDLC practices for third-party developments and coach internal teams on secure development best practices.

  • Coordinate vulnerability management, patch strategy and exception handling for all integrated software components.

  • Plan, supervise and validate security testing and define security acceptance criteria for key project milestones.

  • Produce customer-facing security documentation and audit artefacts and drive security topics in workshops and supplier reviews.




Your profile


 



  • University degree in Computer Science, Information Security, Electrical Engineering or a comparable STEM field – or an equivalent qualification.

  • Several years of experience designing and assessing secure software architectures and integrations, ideally in critical infrastructure, manufacturing or a security/software tech environment.

  • Application security is your passion; you have hands-on experience with frameworks such as OWASP SAMM, NIST SSDF (SP 800‑218) and IEC 62443‑4‑1.

  • Strong background in threat modeling, risk assessments and common vulnerability classes (e.g. OWASP Top 10, CWE) plus practical mitigation strategies.

  • Experience with secure SDLC/SSDLC processes, CI/CD pipelines and typical security gates (code reviews, security testing, release approvals).

  • Ability to analyze complex security topics, document them clearly and communicate them convincingly to developers, project managers, customers and suppliers.

  • Very good English skills (written and spoken); French is a strong plus, German is an advantage.

  • High willingness to travel (around 25 % internationally) and to work in interdisciplinary, globally distributed project teams.

We are an equal opportunity employer! We promote diversity in all its forms and create an inclusive work environment, free from prejudice, discrimination and harassment, in which all employees feel a sense of belonging. We warmly welcome all applications regardless of gender, age, race or ethnic origin, social and cultural background, religion, disability and sexual orientation.

Hannah Distler
[email protected]
https://career5.successfactors.eu/career?company=gieseckede&career_job_req_id=27044&career_ns=job_application