WHO WE ARE
As a 100% subsidiary of Porsche AG, we at Porsche Digital are dedicated to developing innovative visions, strategies, products, business models, and inspiring customer experiences that redefine the Porsche brand in the digital age. Our mission involves not just creating strategies but also pioneering forward-thinking solutions and concepts. Porsche Digital operates
THE JOB
This is an exciting opportunity for an experienced Cyber Security Architect to join Porsche Digital's team in Tel Aviv, where you will be responsible for auditing, assessing, and advising on the security architecture and practices across our IT systems. You will collaborate with various teams to ensure that security is seamlessly integrated into the design and development of new IT systems and services. Your primary focus will be identifying risks, ensuring compliance with security standards, and advising on the implementation of security controls.
You will play a critical role in reviewing security concepts, conducting assessments, and ensuring Porsche's IT infrastructure adheres to the highest security standards and best practices.
What You Will Do
- Security Architecture Evaluation and Auditing: Conduct security reviews of cloud, infrastructure, and application architectures. Evaluate new and existing IT systems to ensure they align with industry best practices and security standards. Collaborate with teams to identify weaknesses, recommend improvements, and ensure security measures are robust.
- Define and enforce security standards and frameworks: Ensure compliance with security standards (e.g., ISO/IEC 27001, NIST) by reviewing security policies, frameworks, and controls for IT projects.
- Risk assessments: Proactively identify security risks through risk assessments and threat modeling, ensuring vulnerabilities are addressed before they become threats.
- Security strategy and advanced coaching: Provide strategic security guidance and advanced coaching to teams, helping them integrate robust security principles into their workflows and make security a core aspect of their designs.
- Security reviews for IT projects: Work closely with IT project teams to ensure security requirements are incorporated into system and application designs, and conduct project-specific security assessments.
- Collaboration with cross-functional teams: Partner with development, infrastructure, and operations teams to ensure security is integrated into all stages of system design and deployment.
What You Bring Along
- 3-5 years of experience in cybersecurity, with direct experience in assessing, designing, or auditing security measures for enterprise systems.
- Proven experience with security architecture: Strong background in reviewing and assessing security architectures for IT systems, applications, and infrastructure, ensuring alignment with industry best practices and frameworks (e.g., ISO 27001, NIST).
- Agile skills and experience, team-oriented working attitude: Comfortable working in an agile, collaborative environment with the ability to adapt security practices to rapidly evolving IT projects.
- Bachelor’s or Master’s Degree in Computer Science, Information Security, or a related field, or equivalent experience. Ideally, experience with security-focused certifications (e.g., CISSP, CISM, or similar).
- Strong communication skills in English and Hebrew (German is a plus), with the ability to clearly convey security concepts to both technical and non-technical stakeholders.
- In-depth understanding of security frameworks and standards (e.g., ISO/IEC 27001, NIST CSF) and practical experience implementing these frameworks in complex IT environments.
- Security risk management: Demonstrated experience identifying, analyzing, and mitigating security risks, including conducting threat modeling and vulnerability assessments for enterprise IT systems and cloud environments.
- Experience conducting security audits and reviews for cloud, infrastructure, and application security, with knowledge of compliance and regulatory requirements.
- Extensive experience in cloud security and IT stack security: Deep knowledge of securing cloud platforms (AWS, Azure, GCP) and implementing cloud security best practices, along with a proven ability to review and design security architectures for both cloud-based and on-premise systems.
- Expertise in identifying and mitigating security risks and vulnerabilities: Strong understanding of common security exploit types and vulnerabilities, with expertise in frameworks like OWASP Top 10 and CWE/SANS Top 25. Skilled in evaluating and addressing security risks across modern IT systems, applications, and cloud environments.
