Senior SW Security Architect

WithSecure is a company that protects businesses worldwide with SaaS solutions against modern cyber threats. They focus on collaboration and shared expertise in cybersecurity, aiming to become Europe’s flagship in the field. Their teams work daily to prevent cyber extortion, secure critical infrastructure, and protect sensitive data.

• Proven experience leading security architecture for cloud services and ability to influence and guide engineering teams.
• Strong ability to set security vision to identify risks proactively, run and coordinate assessments, and drive prioritized remediation through R&D.
• Hands-on cloud security skills including CSPM, CI/CD security, identity and access management.
• Strong proficiency in AI technologies and tools with practical application to security engineering and assurance workflows.
• Deep expertise in secure SDLC: threat modeling, secure coding guidance, design reviews, and vulnerability management governance.
• Working knowledge of security standards and assurance such as ISO 27001, third-party/service assessments, and supporting audit readiness with pragmatic controls.

• Lead security architecture for Elements product, working proactively with development teams to define secure designs, guardrails, and reference patterns.
• Own the Elements security vision and roadmap, proactively surfacing risks and improvement opportunities.
• Run and coordinate risk assessments, prioritize remediations, and drive execution through R&D teams.
• Drive AI-enabled security practices by identifying opportunities to improve or automate traditional security architecture work and lead adoption across teams.
• Manage cloud security posture in partnership with DevSecOps.
• Enable a secure SDLC by establishing secure coding guidelines, promoting threat modeling, guiding vulnerability management governance, and performing design reviews.
• Contribute to and iterate key policies and standards, ensuring continuous improvement and annual reviews.
• Perform assessments for services and third-party platforms; align controls with ISO 27001 and support audit readiness.
• Contribute to architecture/security forums and PI planning; provide clear, actionable guidance and influence delivery roadmaps.

Tools used: Jira, GIT, Agile, Scrum, Kanban.