Enterprise Security Architect (m/f/d)

Company Description

METRO is a leading international food wholesaler which specialises in serving the needs of hotels, restaurants, and caterers (HoReCa) as well as independent merchants (Traders). Around the world, METRO has approx. 15 million customers who benefit from the wholesale company’s unique multichannel mix: customers can purchase their goods in one of the large stores in their area as well as by delivery (Food Service Distribution, FSD) – all digitally supported and connected. In parallel, METRO MARKETS is being developed as an international online marketplace for the needs of professional customers which has been growing and expanding continuously since 2019. Acting sustainably is one of the company principles of METRO which has been listed in various sustainability indices and rankings, including MSCI, Sustainalytics and CDP. METRO operates in more than 30 countries and employs over 85,000 people worldwide. In financial year 2023/24, METRO generated sales of €31 billion.

At METRO, we have set ourselves ambitious goals with our “sCore” growth strategy which is closely accompanied by our Fundamentals. These shared values provide us with rules of conduct that are binding for everyone at METRO, in all countries and companies. Our commitment to wholesale is at the forefront of our mission, and we are constantly striving to improve. With our ONE METRO spirit, everyone stands together, bringing curiosity, determination, courage, drive, commitment, and trust. Find out more about METRO at careers.metroag.de. 

Job Description

Your purpose as Enterprise Security Architect (m/f/d):

• You develop and implement a strategic and comprehensive architecture artifact (blueprints, principles, etc.) to be included into our overall METRO Enterprise Architecture to enable the development of the needed business capabilities.
• That is how you support METRO's business objectives and secure that our information and digital eco-system are protected against undesired risks.
• You’ll hold strategic influence over security and technology decisions and therefore implicit impact on METRO entities. With your expertise you prescribe the security technologies and capabilities which METRO must implement or use.

Your tasks:

• Liaise with Enterprise Architecture and IT Architecture teams around IS related topics for Enterprise IT implementations​
• Communicate Security Architecture Strategy and Principles to IT teams, ensure understanding within the CISO team and be part of development and change of IT Strategy and IT Architecture​
• Identify business and technical security requirements, design security controls, provide guidance and advice on testing their effectiveness while ensuring the product implemented address both business and security needs​
• Provide recommendations based on the allocated IT budget in regards to enhancement, integration or further acquisition of security tools​
• Anticipate IT risks, take timely action and lead the development of technical capabilities as well as the development and maintenance of all business, technical and all other architectures with impact​
• Create and maintain IS architecture documents that outline the operational, systems, and technical view of the security architecture, including all areas critical to cyber defense​
• Provide expert support, analysis, research, and advice on complex cyber security problems, and processes
• Partner with risk management to quantify risks and translate complex IS issues into business language
• Build and lead community engagement programs within your ecosystem by attending conferences.
• Identify industry and technology trends, opportunities, and security gaps and help convert these into technical requirements

Qualifications

• You are curious, with a growth mind-set and enjoy a transformational work environment.
• Completed Degree in Computer Science or Cyber Security with around 5-10 years of experience. 
• Proficiency in enterprise architecture principles and practices. 
• Ability to collaborate with global Enterprise Architecture teams. 
• Expertise in designing and proposing security controls to address business and technical requirements. 
• Knowledge of security control testing and effectiveness assessment. 
• Proficiency in risk management, including the ability to identify and quantify IT risks. 
• Skill in taking timely action to mitigate identified risks. 
• Ability to create and maintain comprehensive IS architecture documents. 
• Proficiency in documenting operational, systems, and technical views of security architecture. 
• Positive mind-set
• Fluent English is mandatory, other European languages are considered a plus.

Additional Information

What we offer:

• To be part of a fast-growing international team that has significant scaling ambitions across multiple markets.
• Work-Life Balance: Trusted working hours, 30 days of vacation and home office options.
• Further training: A comprehensive further training offer over an own training team.
• Well-being: Health programs, a free fitness studio on our campus and regular employee events.
• Comfort: Very good public transport connections and free parking spaces. A canteens with a varied selection of meals and discounts in our stores and at many partner companies.