The Application Security Architect (m/f/d) designs and implements secure application architectures, defining security controls and policies to protect applications from threats. They provide strategic guidance to developers and security teams.
Location:
Please note that the working location for this position will be in Madrid city centre, where we are currently setting up a new office location. Until the office is fully set-up within the next few months, you will have the possibility to work flexibly from home‐office and continue with a hybrid working model afterwards. This position is not a fully remote position, and an onsite presence will be required once our office location is ready.
Creating passion: your responsibilities
Develop and enforce application security architecture frameworks, policies, standards, and best practices to align with compliance requirements (e.g. OWASP, NIST, ISO 27001)
Review and approve application security designs while ensuring secure software development and architecture
Integrate security into the software development lifecycle (SDLC) by collaborating with development teams and enabling DevSecOps practices
Adopt and promote a security‐by‐design approach with the different stakeholders
Conduct threat modeling, security reviews, and risk assessments to proactively identify and mitigate vulnerabilities
Evaluate, recommend, and oversee security tools and testing solutions (SAST, DAST, IAST) to strengthen application security
Define security strategies for applications (e.g. IAM) and implement Security Principles such as Zero Trust
Actively contribute to the Corporate Information Security architecture community, sharing insights and best practices
Collaborate with IT, EA, DevOps and Engineering Team to align security Objectives
Contributing your strengths: your qualifications
Bachelor's/Master's in Cybersecurity, Computer Science, or related field
3+ years in cybersecurity, preferably in application security architecture role
Following certificates are preferred; CISSP, SABSA as well as Cloud certifications (AWS, Azure, or GCP)
English is a Must, German and French are a plus
Good understanding of cybersecurity frameworks and standards (ISO 27001, NIST)
Expertise in OWASP, SSDLC, and DevSecOps, with strong knowledge of secure software architecture
Strong understanding of microservices security, API security, and IAM (e.g. OAuth, SAML, JWT)
Knowledge of cloud‐native security and CI/CD integration (e.g. Jenkins, GitHub Actions)
Experience with container security and cloud platforms (e.g. AWS, Azure, GCP, Docker, Kubernetes)
Our commitment to you: your benefits
As an internationally successful family business, the Liebherr Group offers you a secure job, a unique variety of tasks and exciting development opportunities. Become part of our strong team today and get to know the Liebherr Group as a reliable partner. Profit from these benefits:
Attractive salary and social benefits
Flexible and hybrid working
Freedom for creative work
Safe and secure workplace
Individual development and training opportunities
Meal voucher
Life and accident insurance
Exclusive offer for a premium private health insurance package
Bonus payments for Christmas and holidays, based on the collective agreement
Please only use the online application option.
Please note that we do not accept applications via recruitment agencies for this position.
Have we awoken your interest? Then we look forward to receiving your online application. If you have any questions, please contact Karoliina Rissanen.
One Passion. Many Opportunities.
The company
Liebherr is a family‐run technology company that is not only one of the largest construction machinery manufacturers in the world, but also offers high‐quality, user‐oriented products and services in many other areas. The Group employs nearly 50,000 people in more than 140 companies on all continents.
Location
Liebherr IT Shared Service Centre Ibérica, S.L.
Madrid
Spain (ES)
Contact
Karoliina Rissanen
karoliina.rissanen@liebherr.com
#J-18808-Ljbffr