Remote Security Architect — Cloud & Compliance; Europe Job Parma Ohio USA,IT/Tech

Position: Remote Security Architect — Cloud & Compliance (Europe)

At Qdrant, security is not just a checkbox; it is a core feature of our high-performance vector database. As our Security Officer, you will be the strategic lead and technical executor of our security posture. You will bridge the gap between high-level compliance (SOC 2, GDPR, HIPAA, …) and deep-tier engineering. Your mission is to further evolve and scale our security culture with the existing "Security Champions" program while remaining hands-on with architectural risk assessments and Cloud infrastructure hardening.

You aren't just managing a backlog — you are building the foundation that allows Qdrant to scale safely.

Location

This role is remote and open to candidates located in Europe.

Candidates must demonstrate a mastery of European regulatory landscapes; this geographical preference is based on the technical requirements of the role rather than citizenship.

Location

This role is remote and open to candidates located in Europe.

Candidates must demonstrate a mastery of European regulatory landscapes; this geographical preference is based on the technical requirements of the role rather than citizenship.

Tasks

Backlog & Strategy: Own and prioritise the Security Backlog, translating high-level threats and compliance needs into actionable engineering requirements for the development teams.
Security Champions Program: Lead and evolve our existing Security Champions initiative, mentoring engineers to perform internal security reviews and ensuring security is a distributed responsibility rather than a bottleneck.
Architectural Risk Management: Conduct formal Architectural Risk Assessments on critical components (e.g., Cloud RBAC, JWT, Inference) to ensure security is "baked-in" during the design phase of the SDLC.
Compliance & Audits: Maintain our "always-audit-ready" status using Drata and Hey Data. You will oversee annual SOC 2 audits, GDPR requirements, and drive our OWASP SAMM roadmap toward a maturity score of 1.0.
Multi-Cloud Security Governance: Oversee security posture management across AWS, GCP, and Azure; leading technical compliance audits and implementing automated identity and access management (IAM) to ensure infrastructure resilience.
Vulnerability Management & Pentesting: Manage the bi-annual penetration testing lifecycle, coordinate with external security researchers (Bug Bounty Program), and ensure timely remediation of findings in coordination with the development teams.
Sales & Growth Support: Act as the subject matter expert for customers, completing detailed security questionnaires and ensuring our marketing vendor ecosystem remains compliant.

Requirements

Must-have

Experience: 5+ years in Security Engineering, Dev Sec Ops , or as a Security Officer in a cloud-native SaaS environment.
Cloud Proficiency: Technical knowledge of AWS, GCP, Azure (IAM, Multi-AZ architectures, Trusted Advisor, etc.).
Regulatory & Policy Fluency: Practical experience maintaining SOC 2 Type II, HIPAA, and GDPR. You can architect a unified security policy framework that satisfies multiple compliance standards simultaneously, reducing operational overhead for the engineering team.
Risk Assessment Skills: Ability to perform threat modeling and architectural risk classification on complex distributed systems.
Communication: Strong stakeholder management skills; you can advocate for security resources during quarterly capacity planning and explain P0 risks to leadership.
Self-Starter: The ability to move from "reading the exact policy" to "investigating the code" to provide an informed response to…