Software Architect Java Security Technologies

Adcubum Hrvatska d.o.o.

O poziciji

We are Adcubum - a leading and constantly growing manufacturer of insurance software in the health, accident, and property insurance lines, as well as the market leader in health and accident insurance in Switzerland. Outstanding ideas are the building blocks for our innovative product and our success. Highly qualified, flexible employees from the insurance and IT sectors develop them further.

We operate international with several locations in Switzerland, Germany, and Croatia.

We are looking for Senior Software Architect Java Security Technologies, based in Zagreb, for our Platform Unit.

Job description

We are seeking a highly skilled and experienced Security Architect to join our team and lead our efforts in ensuring the security of our Java-based core insurance product.

The Security Architect will play a pivotal role in designing and implementing robust security measures to protect our software, infrastructure, and customer data. With your expertise and passion for IT Security, you are responsible for the evolution of the security architecture of our insurance platform Adcubum Syrius. This includes its definition, its continuous improvement and communication inside Adcubum and towards our customers.

Your tasks

  • Develop and implement a comprehensive security architecture (Authentication, Authorization, Audit) for our Java-based products, ensuring the highest level of security throughout the development lifecycle
  • Collaborate with cross-functional teams to identify security requirements and integrate security controls into the software development process
  • Conduct risk assessments, vulnerability assessments, and security audits, together with our Cybersecurity team, to identify potential threats and vulnerabilities and propose appropriate solutions
  • Lead threat modeling exercises and work with development teams to prioritize and address identified security risks effectively
  • Define and proliferate secure coding practices and guidelines to prevent security vulnerabilities and flaws in the Java codebase
  • Be partner, coach and consultant of product owners, technical and business-oriented development teams, and our colleagues from technical consulting - from first planning until delivery and execution - ensuring a security-first mindset is embedded within the organization
  • Collaborate with a broad range of Adcubum teams and roles to ensure security considerations are integrated into the product roadmap and feature development
  • Shape the overall architecture of Adcubum Syrius in a team with other architecture specialists
  • Stay updated on emerging threats, vulnerabilities, and security technologies, and provide recommendations to keep our products up-to-date and secure against evolving threats

Our requirements

  • Proven experience as a Software Architect, Security Architect, Security Engineer, or a similar role in a Java product company or similar environment
  • In-depth knowledge of Java programming language and experience securing Java applications and frameworks (Java EE / Jakarta EE, Spring Frameworks)
  • Strong understanding of software security principles, secure coding practices, and common security vulnerabilities (e.g., OWASP Top 10)
  • Experience with security assessment tools and methodologies for identifying vulnerabilities and weaknesses in software and systems
  • Familiarity with security standards and frameworks (e.g., ISO 27001, NIST, CIS Benchmarks) and ability to implement security controls based on these standards
  • Strong understanding of network security, authentication, authorization, encryption, and other security technologies
  • Excellent communication and collaboration skills to work effectively with cross-functional teams and convey security concepts to technical and non-technical stakeholders
  • Ability to navigate different abstraction layers; strong analytic, communicative, and organizational skills
  • Communicative and customer-minded personality with a high degree of responsibility
  • Excellent English skills (written & spoken)

This is a plus

  • Experience with container technologies (Docker, Kubernetes, OpenShift)
  • Certifications like CISSP, CRISC, CISA or CEH
  • Experience or background in Software Architecture methodologies (iSAQB-F or similar)
  • Ability to communicate in German

What we offer

  • Experience our highly innovative and cross-cultural work environment
  • 25 vacation days
  • Work in flexible hybrid model, combining work-from-home and office
  • Education budget and conferences
  • Onboarding in Switzerland (3 days)
  • 50 euros monthly for the benefit of your choice (e.g. Multisport card, additional health insurance,..)
  • MacBook Pro and paid mobile line
  • Travel health insurance plan valid for private purposes
  • Generous referral bonus