Senior SW Security Architect

O projekcie: At WithSecure™, we protect businesses all over the world. Our SaaS solutions safeguard against modern cyber threats, and our innovative Co-security approach reflects our belief that true protection requires collaboration and shared expertise. No one can solve every cyber security problem alone. Our vision is to become Europe’s flagship in cyber security. Every day, our talented teams work to prevent cyber extortion, secure critical infrastructure, and prevent misuse of sensitive data. At WithSecure, it’s our people who make us exceptional – a diverse community that values passion, purpose, and a commitment to workplace well-being. If you’re ready to make an impact with a company that’s transforming cybersecurity, we’d love to hear from you. We’re looking for a Senior SW Security Architect to lead the security architecture for our Elements product and set the direction for secure-by-design development across teams. This is a rare chance to sit at the intersection of security, product architecture, and applied AI. WithSecure is investing heavily in strengthening security outcomes with AI - not as a buzzword, but as a practical accelerator for how security is designed, assessed, and operated. In this role, you will help shape how we use AI to do security better, faster, and at scale, and you’ll be expected to turn that ambition into concrete improvements across engineering. You will drive an AI-first approach to core security practices: finding ways to automate and augment traditional security architecture work (threat modeling, design reviews, risk assessments, posture management, vulnerability governance) using AI and then making it real through adoption, tooling, and measurable impact. What will you get from us - Be part of a company that values meaningful work and strives to make a difference in securing the digital world. - Work with cutting-edge technologies and be at the forefront of industry innovation. - Thrive in an inclusive and diverse workplace where your unique perspectives are valued. - Enjoy opportunities for professional growth and development. How to Apply If you are excited about the opportunity to work in a meaningful business and with new technologies, we would love to hear from you. Please submit your resume and a cover letter detailing your relevant experience and why you are a great fit for this role. Wymagania: - Proven experience leading security architecture for cloud services and ability to influence and guide engineering teams. - Strong ability to set security vision to identify risks proactively, run/coordinate assessments, and drive prioritized remediation through R&D. - Hands-on cloud security skills (CSPM, CI/CD security, identity and access management). - Strong proficiency in AI technologies and tools, and a practical mindset for applying them to security engineering and security assurance workflows. - Deep secure SDLC expertise: threat modeling, secure coding guidance, design reviews, and vulnerability management governance. - Working knowledge of security standards and assurance (e.g., ISO 27001), third-party/service assessments, and supporting audit readiness with pragmatic controls. Codzienne zadania: - Lead security architecture for Elements, working proactively with development teams to define secure designs, guardrails, and reference patterns. - Own the Elements security vision and roadmap. Proactively surface risks and improvement opportunities, run/coordinate risk assessments, prioritize remediations, and drive execution through R&D teams. - Drive AI-enabled security practices: identify high-value opportunities where AI can improve or automate traditional security architecture work, translate them into actionable initiatives, and lead adoption across teams. - Cloud security posture management in partnership with DevSecOps. - Enable a secure SDLC by establishing secure coding guidelines, promote threat modeling practices, guide vulnerability management governance across products and perform/lead design reviews. - Contribute to and iterate key policies/standards (e.g., lifecycle security), ensuring continuous improvement and annual reviews. - Perform assessments for services and third-party platforms; align controls with ISO 27001 and support audit readiness. - Contribute to architecture/security forums and PI planning; provide clear, actionable guidance and influence delivery roadmaps.