Senior Security Strategist
This is a high-impact role where your expertise will directly contribute to protecting mission-critical infrastructure software used worldwide. You'll collaborate with talented engineers across Europe and beyond, working with modern technologies like Azure, Kubernetes, Electron, and a wide range of programming languages.
* Lead the adoption and evolution of secure software development lifecycle (SSDLC) practices and standards across teams and projects.
* Conduct security architecture and design reviews to ensure robust protection of applications and systems.
* Drive and mature threat modeling practices across the organization, identifying and mitigating risks early in the development process.
* Collaborate with empowered, cross-functional teams to embed security into the design, development, implementation, and verification of software.
* Provide clear, actionable remediation guidance to developers and system administrators.
* Support stakeholders in making informed, risk-based decisions that balance technical and business priorities.
* Deliver training sessions and educational content to upskill developers and promote a security-first mindset.
* Build and maintain tools and automation that enhance security workflows and reduce manual effort.
We are seeking a visionary leader to elevate our software security strategy across a global portfolio of cutting-edge products.
This role offers an exciting career as an integral part of a world-leading software company providing solutions for architecture, engineering, and construction.
* Approximately 7+ years of experience in software, with 4+ years focused on application security architecture.
* Strong proficiency in securing cloud environments, ideally with hands-on experience in Azure.
* Proven expertise in threat modeling complex software systems.
* Solid foundation in software development, with the ability to read, write, and audit code across multiple languages.
* Deep understanding of OWASP Top 10, SANS Top 25, and common security vulnerabilities.
* Experience with containerization and orchestration tools such as Kubernetes, Docker, and Istio.
* Ability to deconstruct complex systems to identify potential threats and weaknesses.
* Exceptional communication skills—able to clearly articulate technical risks to developers, engineers, administrators, and leadership.
* Demonstrated ability to learn quickly, research new topics, and adapt to evolving technologies.
* Strong problem-solving skills and a proactive approach to tackling security challenges.
* Ability to make balanced, unbiased decisions that consider both technical risks and business impact.
Bonus Skills That Set You Apart:
* Knowledge of OAuth 2.0 / OpenID Connect and modern authentication protocols.
* Familiarity with web technologies including JavaScript, HTML5, HTTP, REST, and related protocols.
* Proficiency in one or more programming languages/platforms such as .NET Core, Node.js, C#, Java, TypeScript, C/C++.
* Certifications such as CISSP or CCSP are a strong plus.
About This Role:
* A great team and culture.
* An attractive salary and benefits package.
* A commitment to inclusion, belonging, and colleague wellbeing through global initiatives and resource groups.
* A company committed to making a real difference by advancing the world's infrastructure for a better quality of life.