Architect - Identity Documents & Permissions

• Architect - Identity Documents & Permissions Project duration: 18.05.2026 - 31.04.2031 Extension option: Yes Workload: 60- 80% Remote share: 20% German requirement: C1 (strict mandatory) Project Description The architect will design secure PKI-based architectures, integrate HSM modules, migrate legacy systems, and ensure compliance with federal security standards in a high?security environment. Tasks

• Design PKI architectures (Root CA, Sub CAs, certificate lifecycles)

• Integrate HSMs for secure key handling and g operations

• Define federal-compliant architecture documentation (ARC42)

• Lead architecture for IT system replacement and migration to microservices

• Define authentication, authorization, encryption, and network zoning concepts

• Ensure adherence to ISDS, IKT security, and federal guidelines

• Conduct architecture reviews and technical assessments

• Support integration teams (backend, frontend Angular, operations)

• Collaborate with federal governance bodies and project leadership

Mandatory Skills

• PKI architecture experience (>60 months)
• HSM experience (architecture, engineering, or development)
• Strong experience in security architecture
• Experience in IT system replacement projects
• Expertise in synchronous integration (SOAP, REST, gRPC, SEDEX)
• Expertise in asynchronous integration (Kafka, Schema Registry, AsyncAPI, JMS/MQ)
• Strong microservice deployment knowledge (Docker, Kubernetes, Helm, ArgoCD)
• Angular architecture experience
• Federal architecture governance experience
• German C1 (required for documentation & communication)

SThree_Germany is acting as an Employment Business in relation to this vacancy.