Senior Security Architect

🇫🇷 France - Remote
🔒 Cybersecurity🟣 Senior

Job description

Shift is the leading AI platform for insurance.  Shift combines generative, agentic, and predictive AI to transform underwriting, claims, and fraud and risk - driving operational efficiency, exceptional customer experiences and measurable business impact.  Trusted by the world’s leading insurers, Shift delivers AI when and where it matters most, at scale and with proven results.

Our culture is built on innovation, trust, and a drive to transform the insurance industry through our SaaS platform. We come from more than 50 different countries and cultures and together we are creating the future of insurance.

The security team is a critical component of Shift Technology as no organization is immune to cyber-crime. The team is responsible for protecting information throughout the security infrastructure, edge devices, networks, and data. We strive to stay up to date with the latest tactics hackers are employing in the field in order to prevent data breaches by monitoring and reacting to attacks but the first step is finding the most qualified professionals to lead the way.

What you’ll do…

As a Senior Security Architect, reporting to the CISO, you will be a senior member of the Information Security team, responsible for the end-to-end security architecture of our Azure-based SaaS platform and the creation, adoption, and governance of security architecture best practice across our organisation. You will serve as the subject matter expert for both cloud infrastructure and application security, partnering with engineering teams to embed security into the entire software development lifecycle (SDLC). You will design secure, scalable, and resilient solutions for our single- and multi-tenant offerings, ensuring the protection of our platform and our customers’ data.

RESPONSIBILITIES

Cloud Security Architecture

  • Design and maintain the security reference architecture for our Azure-native, Windows, and Kubernetes-based SaaS products.
  • Act as the primary security consultant for product and engineering teams, providing authoritative guidance on secure design patterns for Azure infrastructure and services.
  • Review and approve architectural designs for new services to ensure they align with security principles (Zero Trust, defense-in-depth) and compliance requirements.
  • Define and enforce security standards for Azure networking, including VNet segmentation, firewalling, and private connectivity.

Product & Application Security

  • Lead threat modeling exercises (e.g., STRIDE) with development teams for new products and features to identify and mitigate risks early in the SDLC.
  • Develop and maintain secure coding standards and provide expert guidance on the prioritization and remediation of findings from SAST, DAST, and SCA tools.
  • Architect security solutions for the SaaS application layer, including tenant isolation, customer data segregation, secure APIs, and authentication/authorization patterns.

Data Security

  • Design and enforce security patterns for protecting data at rest and in transit across all Azure data platforms (e.g., Azure SQL, Cosmos DB, Databricks)
  • Partner with the Data Access Governance function to translate data classification policies into tangible technical access controls.
  • Architect solutions for secrets management, encryption, and key management, primarily leveraging Azure Key Vault.
  • Architect and design a secure data access solution using VDI (Azure Virtual Desktop), including the integration of Data Loss Prevention (DLP) and other data protection controls to prevent data exfiltration.

Security Engineering & Operations Enablement

  • Develop security-as-code and Infrastructure as Code (IaC) to create guardrails and proactively detect insecure configurations.
  • Serve as a senior technical escalation point for the Security Operations team during complex cloud security investigations.
  • Evaluate, prototype, and recommend new cloud security technologies and services to mature the overall security program.

SKILLS & BACKGROUND

Experience & Qualifications

  • At least seven (7) years of proven experience in a senior cloud security, product security, or security architecture role.
  • Bachelor’s Degree in a relevant field or equivalent work experience.
  • Relevant security or Azure certifications (e.g., AZ-500, CISSP) are highly desirable.

Architectural & Application Security Expertise

  • Proven experience designing security for multi-tenant SaaS applications in a public cloud environment, preferably Azure.
  • A firm understanding of core security principles like least privilege, defense-in-depth, and zero trust, and able to champion and educate colleagues on those principles.
  • Deep understanding of the OWASP Top 10, common application and cloud infrastructure security vulnerabilities, and their mitigation.
  • Hands-on experience with application security tools (SAST, DAST, SCA) and threat modeling methodologies such as STRIDE.

Azure Platform & Data Security Expertise

  • Strong knowledge of core Azure security services (e.g., Sentinel, Defender for Cloud, Key Vault, Private Link, Azure Policy).
  • Expert-level knowledge of Microsoft Entra ID, including roles, conditional access, application permissions, and identity governance.
  • Experience designing and implementing security controls for a variety of data platforms in Azure (e.g., Azure SQL, Cosmos DB).
  • Direct experience designing and securing VDI solutions in Azure (Azure Virtual Desktop), including network segmentation, endpoint security for images, and DLP policy enforcement.

Knowledge & Frameworks

  • Strong familiarity with security frameworks, particularly MITRE ATT&CK.
  • Understanding of compliance and privacy frameworks for context (e.g., ISO 27001, SOC 2, NIST CSF, HIPAA, GDPR).
  • Broad understanding of core information security technologies and concepts.

Core Competencies

  • A strong analytical and investigative mindset with high attention to detail.
  • Excellent communication skills, with the ability to clearly articulate technical findings.
  • A collaborative team player who can work effectively with technical and non-technical stakeholders.
  • Ability to use architecture as a positive tool to guide, shape, transform, and accelerate.

RECRUITMENT PROCESS

  • TA Interview
  • CISO interview
  • Security team interview
  • CTO interview

#LI-RH1 #LI-HYBRID

To support our permanent, full time employees at every stage of their careers and lives, we provide a competitive total rewards and benefits package. Here are the global benefits we’d like to highlight:

  • Flexible remote and hybrid working options
  • Competitive Salary and a variable component tied to personal and company performance
  • Company equity
  • Multiple Learning and Development opportunities, including Focus Fridays, a half-day each month to focus on learning and personal growth
  • Generous PTO and paid holidays
  • Mental health benefits
  • 2 MAD Days per year (Make A Difference Days for paid volunteering)

Additional benefits may be offered by country - ask your recruiter for more information. Intern and Apprentice position are eligible for some of these benefits - ask your recruiter for more details.

At Shift we strive to be a diverse and inclusive workforce. We welcome applications from and hire people who will contribute to the diversity of our company, without regard to race, color, religion, marital status, age, national or ethnic origin, physical or mental disability, medical condition, pregnancy, genetic information, gender identity or expression, sexual orientation, or other non-merit criteria.

Shift Technology is committed to providing reasonable accommodations for qualified individuals with disabilities in our application and employment process. Should you require accommodation, please email [email protected] and we will work with you to meet your accessibility needs.

Please be aware of scammers and only trust correspondence that comes from emails ending in “shift-technology.com”. We will never do initial outreach to you via Whatsapp/Text/SMS, never ask for banking information or personal identification numbers (ex. Social Security Number) as part of our recruitment process.

Shift Technology does not accept unsolicited CVs from recruiters or employment agencies in response to the Shift Technology Careers page or a Shift Technology social media post. Any unsolicited CVs, including those submitted directly to hiring managers, are deemed to be the property of Shift Technology.

Share this job:
Please let Shift Technology know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Shift Technology logo

Shift Technology

  • 501-1000 employees
  • Founded in 2013
  • 15 remote jobs

Latest Jobs at Shift Technology

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply