Secure by Design Consultant

Düsseldorf | hybrid | € 70.000 – 90.000 + Bonus | permanent

Right now, the wave of AI-ready cyber resilience and EU regulations (NIS2, DORA, EU CRA, EU AI Act) is reshaping how every large organisation in Europe approaches cybersecurity. Our Secure by Design practice is at the heart of this shift and takes it a step further: Compliance with regulatory requirements is a given for us, sustainable technical implementation is what we pride ourselves on: outcome-based rather than hour-based, knowledge-focused rather than leverage-focused, product-led rather than slide-led.

To continue meeting our clients’ needs whilst maintaining our quality standards, we are seeking experienced Secure by Design Consultants to help shape our scale.

THE ROLE

• You run threat modelling workshops together with product or platform teams and advise decision-makers strategically on Secure-by-Design.
• You analyze complex cloud, software and AI architectures, improve technical and organizational processes, and controls to derive measurable key risk indicators (KRIs).
• You contribute hands-on by integrating security tools into CI/CD pipelines, optimizing Secure SDLC processes, and confidently working with infrastructure code when needed.
• You present and facilitate discussions confidently with both technical and non-technical stakeholders.
• You’re part of an interdisciplinary team and actively shape the development of our practice areas.

YOUR PROFILE

Must haves

• At least 3 years’ experience in cybersecurity, for example in consulting, cloud, or software engineering
• Practical experience running security risk assessments and producing security plans or concepts that engineering teams actually used
• Solid hands-on knowledge in at least one of: cloud security (AWS / Azure / GCP), threat modelling, application security, CI/CD security tooling
• Confident in front of a client — running a workshop, presenting findings, writing for a CISO or product-owner audience
• Clear written and spoken English

A real plus

• German at B2 or higher
• Familiarity with the EU Cyber Resilience Act (CRA) or EU AI Act
• Experience with a recognised risk-assessment method (ISO 27005, NIST 800-30, FAIR, BSI-Standard 200-3)
• A cloud security certification (AWS / Azure / GCP security specialty, or CCSP)
• Kubernetes, Infrastructure as Code (Terraform), container security
• Open source contributions, a blog, talks or any portfolio of how you think

Discover our full range of relocation jobs with comprehensive support packages to help you relocate and settle in your new location.

WHY CLOUDYRION

• We support EU Blue Card sponsorship and offer a relocation package for international hires
• 30 days of vacation plus additional days off on Christmas, New Year’s Eve, and your birthday
• Hybrid work with two remote days per week, trust-based working hours and the opportunity of Workations in any EU country
• Individual learning and development opportunities, including full coverage of advanced trainings, certification costs, and educational leave for exam days
• In-house gym, massage chairs, gaming area, and dedicated break spaces
• Regular team events and plenty of space for real collaboration

ABOUT CLOUDYRION

CLOUDYRION was founded in 2020, bootstrapped and built around a simple idea: cybersecurity done properly, by people who actually care.

We work with large enterprises in the telecoms, banking, insurance, automotive and critical infrastructure sectors. Our Secure by Design, Ethical Hacking and Secure Strategy Consulting services help them get security right from the ground up.

With our founder as CEO and free from investor influence, we are still upholding our values five years on: Fail fast and learn quickly. Be a ray of sunshine. Tear down those walls.

Working at CLOUDYRION means being part of a team who love what they do, embrace diversity and celebrate their successes together.

This approach has proven its worth: our team now consists of 35 people and generates an annual turnover of around €6 million.

Learn more

Insights from real-world projects, technical deep dives and our take on secure-by-design, cloud security and modern security architectures can be found on our blog.

Authentic insights into our office life can be found on Instagram.

Let’s talk!

Do you feel inspired to take your next step? Then we look forward to your application. Whether classic or creative is up to you. What matters most is that you show us what drives you.

Contact:

Katharina - People & Culture

📩 career@cloudyrion.com

📞 +49 173 633 3724

You can find information on data protection during the application process at CLOUDYRION here.