Enviar candidatura ahora »

IT Architect (STC)

Fecha:  11-sep-2022
Población:  Sant Cugat del Vallés
Empresa:  GFT Technologies SE


As a pioneer for digital transformation GFT develops sustainable solutions across new technologies. GFT clients gain easy and safe access to scalable IT-applications and innovative business models.


We are looking for an IT Architect with solid knowledge designing IT systems architecture and strong focus in the security part of solution. We are looking for an enthusiastic and dynamic person willing to grow in a multi-cultural, motivating and challenging environment.


Your main responsabilities:


As part of a team of Architects and IT Security specialists you will be collaborating in diverse projects carrying out diverse tasks such as:

- Providing support to projects auditing / reviewing security-related aspects such as application security, security architecture design, tools and processes

- Design of security architecture solutions working close to other profiles developers, infrastructure experts, architects following a security-by-design approach

- Assist with the design and adoption of DevSecOps strategies allowing more efficient and secure lifecycle

- Contribute to increase IT systems resiliency with the adoption of SRE (Site Reliability Engineering) techniques such as Chaos Engineering

 - Assist organizations in their move to cloud providing design for their security foundations and design of Landing Zones in a shared responsibility model

- Continuous evaluation of the Cybersecurity domain evolution and trends and contribution to development of GFT offerings in the cybersecurity field

-Collaboration with our partners ecosystem in the field of Cybersecurity


Skills will help you succeed:


- Solid knowledge and experience designing architectural solutions (on-premise, cloud or hybrid highly scalable, available and secure solutions under traditional or IaC (Infrastructure as Code) approaches)

- Used to consider security-related aspects such as how to integrate system components in a secure way, integration with 3rd party systems, protocols and measures to apply so the solution is secure, etc.

- Used to discuss security-related aspects (such as above examples) with IT Security specialists and refine / agree the solution.

- knowledge of application security design according to best practices (such as OWASP) to protect against application attacks

- knowledge of cloud (any cloud provider)


Nice to have (but not mandatory) to have one or more:


- Knowledge and experience with IAM (Identity and Access Management) platforms. Authentication mechanisms, adaptive security, MFA (multi-factor authentication), authorization and delegation of access standards

(OAuth2, OIDC, UMA).

- Knowledge and experience with API security (engagement models, protocols / standars, API Gateway security best practices, supporting API infrastructure security)

- Knowledge and experience with any regulatory standars with strong security requirements such as PSD2, GDPR, PCI, HIPAA

- Knowledge and experience with Web services security

- Knowledge and experience with Cloud security (deep understanding of shared responsability model, defense-in-depth design, networking, IAM best practices)

- Knowledge and experience with CSPM (Cloud Security Posture Management such as Trend Micro Cloudconmity, for instance) or CWPP (Cloud Workload Protection Platform)

- Knowledge and experience with higly distributed microservices architecture (on-premise, cloud or hybrid) implementing ZTM (Zero-Trust model approach)

- Knowledge and experience with service mesh (such as Istio or Hashicorp Consul)

- Knowledge and experience with SRE testing (Site Reliability Engineering). Chaos engineering techniques.

- Knowledge and experience with privacy and data loss prevention (DLP solutions)

- Knowledge and experience with mobile clients security

- Knowledge and experience with any security-related frameworks and bechmarks such as ISO2700X, NIST, CIS, CSA, Well-Architected frameworks

- Knowledge and experience with containers security

- Knowledge and experience with secrets management tools and/or PKI automation (hashicorp vault, for instance)


Soft skills


- Good communication skills and used to deal with clients

- Team player

- Autonomy / self-organization



Our offer: 


  • Competitive salary 

    Restaurant tickets and life insurance for every employee 
  • The possibility of Working from Home 
  • Flexible compensation plan, according to your needs 
  • Customized plan for professional development and training program 
  • Technical certifications 
  • Subsidized English / German / Spanish courses 
  • Flexible working hours and short Fridays 
  • Program to improve and promote a healthy lifestyle at work: a sports program and fresh fruit in the offices 
  • International work culture 
  • Discount with Andjoy (called before Gym for Less) 


At GFT we consider diversity as one of our main pillars and we foster an inclusive work environment based on cooperation and mutual respect.  We offer equal opportunities for everyone regardless of race, cultural background, gender, age, sexual orientation, gender identity, disability or religious beliefs.


Join our global team!

Enviar candidatura ahora »