Information Security Architect

About us: 
Templafy is the next gen document generation platform that automates all document creation across organizations.  Our platform eliminates manual document work allowing companies to drive governance, efficiency and ultimately business results. Templafy supports millions of users and enables over 800 enterprise customers such as KPMG, IKEA, BDO and more. 

Founded in Copenhagen, Denmark, in 2014, Templafy’s success is built by our 60 employee nationalities found at offices around the world. We believe when people feel they belong, have a voice, and feel heard, they are happier and perform better, and that way, everyone wins. Our innovation, diversity, and unique product have raised over 200 million in funding from Insight Venture Partners, Seed Capital, Dawn Capital, Damgaard Company and Golub Capital.  

You will be part of the Information Security team who play an integral role in improving and maintaining trust with our customers and other stakeholders as a SaaS provider. We work closely with various teams, including IT, engineering, application, data, infrastructure and other areas of business, to strengthen our security posture and enhance our ability to prevent threats and vulnerabilities to our organization. We believe in the power of collaboration and teamwork, and you will enter a culture of inclusivity, open communication and mutual respect, where everyone's voice is heard and valued. 

About the role 

As an Information Security Architect, you will provide technical leadership and expertise to assist the enterprise on what needs protection and how that protection should work. Your expertise will be critical in aligning our security strategy with broader business objectives and execution, enhancing our cybersecurity maturity, and anticipating future requirements as a leading SaaS provider. You should possess the ability to review company processes and guide areas of business to meet all of its security requirements, e.g. DevSecOps. The ideal candidate will have a solid technical background, extensive problem-solving skills and a deep understanding of security best practices and industry standards. The role will report to the CISO. 

Responsibilities 

• Reviews security and control measures, identify gaps in security architecture and effectiveness and develops a security risk management plan. 
• Conduct threat modeling to identify, communicate and understand threats and mitigations within the context of protecting enterprise infrastructure, network, applications and data. 
• Design, build, implement and support enterprise-class security systems. 
• Identify and communicate current and emerging security threats. 
• Oversee an MSSP for MXDR. 
• Responds to, and investigates, security incidents and provides thorough post-event analyses and contribute to the development of incident response plans and procedures. 
• Collaborate with third-party vendors and partners to assess their security posture and ensure the security of shared systems and data. 
• Stay up to date with the latest security threats, vulnerabilities and technologies to proactively identify potential risks and recommend appropriate security measures. 

Qualifications 

Required 

• 4-6 years of Information Security or relevant Information Technology roles. 
• Bachelor’s Degree: In Computer Science, Cybersecurity, Information Technology or a related field. 
• Knowledge of advanced cyber threats, threat intelligence and security protocols. 
• Hands-on experience with threat modelling tools and techniques, risk assessment procedures, and mitigation strategy development, such as STRIDE. 
• Proficiency in working with IAM, SIEM, XDR, DLP and vulnerability scanners. We utilize Microsoft M5 security suite products, including Microsoft Sentinel. Additionally, we use Snyk, Sonarcloud and Synopsis.   
• Excellent verbal and written communication skills are needed to communicate complex problems to both technical and executive audiences as well as influence the decision-making process. 

Preferred 

• Having expertise in application, software development life cycle (SDLC) and cloud security is highly valued in our organization, and it would be a bonus for this role. The Information Security team are frequently sought after for guidance and consultation on these matters. 
• Industry certifications are desirable, such as: 
• Azure security and/or networking speciality certifications 
• Certified Cloud Security Professional (CCSP) 
• Certified Information Systems Security Professional (CISSP) 

Templafy is a workplace of belongingness. To us this means that you have a voice, you dare to speak up, and your voice is heard. We focus on offering an environment that allows all employees to feel that they belong regardless of race, color, ancestry, religion, gender, gender identity, genetic information, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or other status.