IT Security Architect

Everyone's story matters. Come shape your story with us at Riverty.
But where does that take you?
 
To one of our 30 hybrid workspaces – designed for exchanging ideas, learning from others, and shaping the way we work. An international community of over 4,000 people, representing almost 80 nationalities across 11 countries. United by one mission: Combining empathy, advanced technology and data-driven insights to keep people and businesses in flow. With payments made for them. So that they don't have to worry about it.
 
And there's more. We are part of the family-owned Bertelsmann group. Established. Corporate. In a fast-paced industry. We enable flexible payments in various industries, simplifying the financial management of known brands and helping people repay debt to build financial confidence. In short: shaping FinTech.

We are looking for an

IT Security Architect (m/f/d)

(unlimited, full-time) Join our team at our location in Tallinn – flexible working conditions available

We are seeking an experienced IT Security Architect with expertise in cloud and network security, Identity and Access Management (IAM), Privileged Access Management (PAM), and an understanding of the financial services' regulatory environment. This strategic role involves designing secure, scalable architectures and guiding the implementation of security controls across a complex, international IT landscape.

Key Responsibilities

• Enterprise Security Architecture
  • Lead the design and evolution of enterprise security architecture in close collaboration with business, IT, and external partners.
    Ensure alignment of security architecture with strategic business objectives, infrastructure modernization, and cloud transformation initiatives.
• Security Governance & Risk Management
  • Provide expert-level guidance on implementation of security controls to infrastructure, operations, and other stakeholders to ensure compliance with industry standards and regulations (ISO/IEC 27001, PCI DSS, GDPR, DORA, SWIFT CSP).
  • Drive security reviews and continuous improvement programs across business units and geographies.
• Security Architecture Consulting (with Financial Sector Focus)
  • Deliver security consulting at both application and infrastructure levels, with emphasis on:
  • Financial platforms and payments infrastructure (e.g., core banking, real-time payments).
  • IAM/PAM architecture, including RBAC, ABAC, JIT access, MFA, SSO, and federated identity (SAML, OAuth2, OIDC).
  • API and third-party FinTech integration, applying secure patterns (e.g., token-based authentication, mTLS).
  • Secure deployment of SaaS tools like Microsoft 365, with controls for DLP, conditional access, and email security.
• Cloud Security & DevSecOps
  • Design secure architectures for hybrid and cloud-native environments (Azure, AWS, GCP).
  • Integrate Zero Trust, least privilege, and infrastructure-as-code principles into cloud and DevOps environments.
  • Embed security into the SDLC using automated scanning (SAST, DAST, IAST) and container security practices.
• Policy, Standards & Control Implementation
  • Define, implement, and maintain enterprise-wide security policies, controls, and technical standards.
  • Ensure alignment between security governance, vulnerability management, and enterprise architecture.
• Research & Innovation
  • Continuously monitor emerging cyber threats, compliance trends, and security innovations to improve security posture and advise strategic direction.

Qualifications & Experience

• Education:
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent practical experience).
• Experience:
  • 8+ years in IT security architecture or engineering, within financial services, banking, or payments is a benefit.
  • Proven expertise in IAM, PAM, cloud and network security, and integration of third-party services.
  • Strong background or familiarity with secure software development and DevSecOps practices.
• Certifications (Preferred):
  • CISSP, CISM, TOGAF, ISO/IEC 27001 Lead Implementer/Auditor, ITIL, SABSA, CEH, or equivalent.

Skills & Competencies

• Deep knowledge of enterprise and cloud security architecture and controls.
• Solid understanding of regulatory frameworks: ISO/IEC 27001, NIST CSF, PCI DSS, DORA, GDPR, SWIFT CSP.
• Strong analytical skills and a pragmatic, risk-based approach to security decisions.
• Excellent communication and stakeholder management in matrixed, international organizations.
• Proactive, self-motivated, and committed to continuous learning.
• Fluent in English; German proficiency is highly beneficial.

Our plus points:

• Inclusive and valuing culture: At Riverty, you can be who you are. We strive to create an inclusive environment and an appreciative culture, enhanced by our employee networks.
• Health & Wellbeing: Your physical and mental health is important to us. Take advantage of our various preventive care and support services.
• Professional and Personal Development: Take advantage of our numerous training and development opportunities. Benefit, for example, from training courses offered by Bertelsmann University, language courses or leadership trainings.
• Monetary Benefits & Discounts: Know that you're appreciated with plenty of employee benefits & discounts just for you.
• Flexibility: Our diverse working models empower you to customize your work to perfectly align with your preferences. Benefit from mobile office, flexible working hours and part-time models.

More information on  Are you already convinced? Then we look forward to receiving your online application – with just a few clicks.

Equal Opportunity Employer Statement
We want to be a fair and inclusive employer. We value the diverse perspectives that a diverse workforce brings to the table. Therefore, we are actively looking for people who enrich our company through their identity, background and personal experiences, with or without a disability.

Company: Riverty Tech OÜ | Job ID: 282159