Back to Jobs
Krakow, Poland Hybrid Employment

Unit4 is hiring an Information Security Architect

Requirements

  • Lead the security target-state architecture and multi-year roadmap, aligning risk reduction and business outcomes; socialize trade-offs with CISO/CTO/CIO leadership.
  • Lead enterprise architecture assessments across multiple environments, including: Cloud (Azure) security and network infrastructure, including Kubernetes, Identity & access management (zero trust, conditional access, PAM/PIM), Endpoint protection and device assurance, CI/CD pipelines and secure software development, SOC/SIEM capabilities and threat detection, Security governance, risk, and compliance, Platform security (Windows/Mac/Serverless)
  • Partner closely with Cloud Ops, Internal IT, and Product Architecture to ensure security is designed into enterprise platforms and product roadmaps.
  • Develop security strategies, roadmaps, reference architectures, and patterns aligned to Unit4’s security vision.
  • Design and implementation of layered enterprise security architectures, ensuring defence-in-depth and resilience across digital estates.
  • Act as a senior architectural authority in engagements across CISO, IT, and CloudOps Teams, providing well reasoned viewpoints on security principles, technologies, and patterns.
  • Ensure architectural decisions incorporate regulatory, customer, and audit requirements (ISO/IEC 27001, SOC reporting, BSI C5, NIST, CIS Benchmarks, MITRE ATT&CK, CSA CCM), and are evidenced through pattern adoption and architecture reviews.
  • Partner closely with IT and CloudOps to embed security controls, influence technology decisions, and ensure alignment to security strategy.
  • Engage with senior stakeholders (CISO, CTO, CIO, Product & Cloud leadership) to shape cyber direction and ensure architectural consistency across teams.
  • Secure architecture for multi-cloud environments (Azure primary; awareness of AWS/GCP) across networking, compute, data, containers, and serverless.
  • Collaborate on the security design, engineering, and implementation of solutions within the Microsoft 365 (M365) and Entra ID ecosystems.
  • Act as a subject matter expert for Microsoft security tooling including Microsoft Defender XDR, Defender for Cloud, Azure Policy, Endpoint management and Conditional Access.
  • Implement cloud-native architectures leveraging existing and emerging frameworks.
  • Build secure designs with Zero Trust for hybrid working, micro-segmentation, identity-centric access, private connectivity, and policy-as-code guardrails.
  • Evaluate new cloud services, ensuring risks are identified and mitigated before adoption.
  • Ensure security controls are integrated into CI/CD pipelines and DevSecOps practices (e.g., Infrastructure as Code, artifact scanning, static analysis).
  • Collaborate on the security design for workloads deployed on Microsoft Azure (IaaS, PaaS, and Serverless), ensuring alignment with corporate security policy and regulatory requirements.
  • Act as the Subject Matter Expert (SME) for Azure's native security tooling, including Microsoft Defender for Cloud (MDC), Azure Policy, and Azure Network Security.
  • Develop secure reference architectures for Azure cloud services, covering: Networking: VNets, Azure Firewall, NSGs, WAF, private endpoints, ADC (Application Delivery Controller).
  • Container platforms including AKS: cluster governance and baseline policies, workload identity, network policies, admission control, image provenance/SBOM and signing, supply chain security, secrets management, runtime threat detection, tenancy/isolation and scale/cost guardrails.
  • Compute: VMs, scale sets, serverless workloads.
  • Storage & Data Services: Storage Accounts, Azure SQL, managed databases, key management.
  • Mature security by design in Product, implementing compliance checks into pipeline and architecture review and assurance for deviations from standards.
  • Contribute security non functional requirements, reference patterns, and threat models to Product roadmaps; review high-impact designs; ensure product changes align with enterprise guardrails.
  • Contribute to enterprise blueprints, playbooks, and whitepapers to mature the architectural practice.
  • Support the ongoing development of Unit4’s secure culture and help uplift security knowledge across technical teams.
  • Serve as a trusted advisor, articulating complex security concepts and risks to both technical and non-technical audiences.

Team

Structure: CISO, IT, and CloudOps

Your first international client?

Don't lose them over invoicing

Clients ghost freelancers with unprofessional invoicing. Glopay gives you a real EU company partnership so they take you seriously from invoice #1.

Instant EU company partnership
Invoice builder with your branding
Automated payment reminders
Real-time payment tracking
Get EU company now
Ready in 24 hours
About company
Unit4
An agile, fast growing Cloud company redefining Enterprise Resource Planning (ERP) for mid-market people-centric organisations, focused on improving how people work by providing innovative, self-driving, adaptive software.
All jobs at Unit4 Visit website
Job Details
Department CISO Security Team
Category security
Posted a month ago

Similar Jobs

Other opportunities you might be interested in

CapIntel

Governance, Risk and Compliance (GRC) Analyst

CapIntel

Ottawa remote
BrainRocket

Security Engineer

BrainRocket

Belgrade On-site
Chainlink Labs

Security Engineer, Product Security

Chainlink Labs

Remote (Global)
Cyber Insight

Enterprise Sales Solution Engineer (m/w/d) IT, Cloud & Security

Cyber Insight

Leipzig Hybrid
vCluster Labs

Sr. Application Security Engineer

vCluster Labs

Munich Remote (Global)
TwelveLabs

Staff Security Engineer

TwelveLabs

California, United States Hybrid