Enterprise Security Architect (m/f/d)

ABOUT THE ROLE

EPAM invites you to embark on an enriching journey as an Enterprise Security Architect, where you'll play a vital role in our global Cloud Security practice. This instrumental position will empower you to deliver secure and innovative solutions to our esteemed enterprise customers.

As an esteemed Enterprise Security Architect, you'll work alongside highly skilled consultants, designers, architects and engineers. Together, you'll enable our customers to forge ahead of their competition and disrupt the market with cutting-edge technology solutions. Additionally, you'll guide them through the complex landscape of technological transformation with finesse and agility.

If you're seeking career growth, opportunities to contribute to high-stakes projects and a vibrant team bursting with ingenuity, EPAM is the perfect place for you!

• Design a Security Architecture blueprint to drive the implementation of security safeguards across Cloud, IoT and Application Security
• Develop innovative technical security architecture approaches to meet evolving business and technology requirements
• Collaborate with engineering, infrastructure, development, data and security operations teams as a subject matter expert
• Gather business, compliance and technical requirements, translating them into security architecture components and controls that enhance digital security posture
• Ensure the ongoing governance of the Security Architecture, regularly reviewing and modifying it to accommodate changes in threats, business objectives and security trends
• Embed security requirements, design principles and patterns into the product development cycle
• Establish an architecture framework and use cases to achieve secure design and default, supported by continuous monitoring and effectiveness assessment throughout design, implementation and operations
• Implement automated security controls across cloud infrastructure, architecture and development processes to support a rapidly scaling business in a cloud-first, agile DevSecOps environment
• Influence senior managers to adopt secure architectural principles and lead internal workshops for developing security architectures
• Provide leadership in the organization's professional field, recognized as an experienced authority

• Expertise in security architecture, preferably within highly regulated environments
• Experience in building and maintaining a Product Development Security Program
• Relevant certifications such as AWS Security Specialty, Azure Security Engineer, Google Cloud Security Engineer, Certified Kubernetes Security Specialist, CISSP, CCSP, SANS GIAC or similar qualifications are advantageous
• Experience with medical security governance and IT general control frameworks such as ISO2700x, HIPPA, ISO 13485, NIST CSF, NIST 800-53, MDR (EU), etc. is highly desirable
• Solid understanding of network access, identity and access management, applied cryptography, network security methodologies and secure software development methodologies
• Knowledge and experience with identifying and understanding common application security vulnerabilities (OWASP Top 10)
• Agile mindset with a focus on continuous quality and process improvement
• Excellent written and verbal communication skills, along with business acumen and a commercial outlook
• Deep expertise in one or more areas such as:
  • API security
  • DevSecOps practices
  • Identity and Access Management
  • Compliance & regulations for medical devices
  • Cloud Security Architecture & Controls
  • Security Architecture & Models in Healthcare
  • Zero trust & Defense in depth principles
  • Network security
  • Infrastructure and application security assessment
  • Vulnerability management
  • Application Security
  • IoT Security architecture
  • CI/CD tooling (SAST, DAST, SCA, Secret Scanner. Secure Gates, Image Signed, etc)
  • Threat Modeling and Secure-by-Design
  • Security Operations

• 30 days holiday per annum
• Company Pension Scheme
• Competitive compensation depending on experience and skills
• Regular performance assessments
• Fitness-First Black Membership
• bitkom - Corporate Benefits
• EPAM Employee Stock Purchase Plan (ESPP)
• Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more
• Friendly and enjoyable working team
• Regular corporate and social events
• Flexible and remote working opportunities
• Certain benefits and perks may be subject to eligibility requirements

• EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential

• Work across markets and verticals and gain exposure to a great variety of projects and cutting-edge technologies
• Become part of a global community of well-connected experts across 50+ countries: enjoy a career without borders within an international environment
• Carve your career path: as the Fastest-Growing IT Services Company in the Fortune 100 List, EPAM is committed to help you discover your fullest potential by creating career plans that best suit you and your future plans
• EPAM Germany was named a Top Company 2022, 2023 & 2024 by Kununu for its people centric culture built on life-long learning