Information Security Architect

Would you like to join an international atmosphere and be involved in projects across Europe and with impact worldwide having the opportunity to consolidate your career? This is your opportunity!

We are looking for an Information Security Architect to join our team!

Within the Cross-Tech | Cybersecurity & AI Team we need to hire an Information Security Architect to cope with the exciting and challenging projects in relation to the Security at Mercedes Benz in Europe.

Position Overview:

As a Mercedes-Benz Information Security Architect, you will be responsible for defining and supporting the application security requirements throughout the project lifecycle, with a primary focus on performing Threat Modeling.

Your role will involve executing ongoing security reviews, supporting project teams, and ensuring compliance with corporate security guidelines and regulatory requirements.

Key Responsibilities:

- Define application security requirements for design and support project teams throughout the project lifecycle.

- Conduct ongoing application security reviews of system design and functionality, providing suggestions at every project phase.

- Assist project teams in defining and periodically reviewing the security profile of each system/application.

- Propose mitigating measures when enhanced protection is lacking.

- Ensure that security risks are addressed by project teams and that technological, architectural, or design decisions comply with corporate security guidelines and policies.

- Ensure compliance with information security regulatory requirements.

- Implement security policies and procedures across all units and processes.

- Maintain constant vigilance over critical information assets.

Cualificación

Technical Knowledge:

- Extensive experience as a security architect, with a deep understanding of software technology and functionalities.

- Proficiency in cloud technologies, specially AWS.

- Knowledge of Identity and Access Management, including SSO, directory servers, and domains.

- Familiarity with SDLC and DevSecOps.

- Expertise in threat modeling and providing guidance on countermeasures and threat mitigation techniques.

- Ability to define and implement security requirements for system design and add security requirements to existing systems.

- Understanding of penetration testing and ethical hacking concepts, with the ability to analyze and address identified weaknesses.

Experience and Skills:

- A minimum of 5 years of professional experience in the security field, with extensive experience in large IT projects,

application security assessments, and audits.

- Highly organized and disciplined.

- Customer-oriented with strong team collaboration skills.

- Effective communication skills with various stakeholders.

- Conflict resolution skills and the ability to mediate and create agreements in scenarios with differing interests.

- Proven architecture modeling skills and an understanding of infrastructure architecture standards.

- Fluent in written and spoken English (additional languages are desirable).

- Mandatory (at least one of these certifications): Certified Information Systems Security Professional (CISSP), Certified

Cloud Security Professional (CCSP), or Certified Secure Software Lifecycle Professional (CSSLP).

- Desirable certifications: AWS, Azure or other information security certifications.

Within our benefits as employee, we provide:

-Competitive salary + variable compensation

-60% Mobile work

-Flexible entering hours

-30 working days of holidays

-Annual Training Plan

-Mercedes-Benz benefits (Renting plans, employee discount)