Security Architect

  • Flexible

    Porto, Portugal

    Lisbon, Portugal

    Madrid, Spain

    Barcelona, Spain

  • 121645

  • Remote

  • Permanent

  • Full Time

  • 37.5-40hrs

TUI Group is the world’s number one integrated tourism business. Platform and Enterprise Architecture is a global team responsible for transforming the technology landscape to a single global platform, driving our competitive edge through technology innovation. We’re a multi-disciplinary team of experts across Security, Architecture, Engineering, DevOps and Agile Delivery providing services across the UK, Ireland, Sweden, Norway, Denmark, Finland, Germany, Austria, Belgium, The Netherlands and Aviation, Cruises and destinations worldwide.


At TUI we’re ambitious to become the leader in technology within the travel industry and to achieve this we are looking to build a capable, creative team who want to be a part of accomplishing that goal.


We never stop looking ahead, seeking new ways to delight our customers and grow our business. We recognise the power of digital and the massive contribution this brings to creating a truly unique and differentiated customer experience.


We are looking for a talented and dedicated security leader to join the Platform and Enterprise Architecture technology organisation.


The Security Architect collaborates closely with Product Owners, Solution Architects, Security Specialist and delivery teams and acts as a spokesperson on behalf of security and architecture in technical engagements.


The Security Architect creates and designs security for a system or service, maintains security documentation and develops architecture patterns and security approaches to new technologies. You collaborate closely with technology teams and other security specialists across the Group, ensuring our security controls and solutions support our business goals.


You are an advocate for state-of-the-art security architecture within TUI and are well-connected within the global technology communities.




As a Security Architect, you will be working with colleagues in delivery teams within an agile environment. As an enthusiast in security architecture, you will use your excellent facilitation and solicitation skills and strong security mindset to effectively engage with teams, developing a strong understanding of their context and the challenges they are dealing with.


You’ll enhance the capability of the wider team through continuously exploring new ways to improve the quality of solutions, ensuring that project/ product technical options are considered, and recommended approaches are clearly designed with valuable solutions.


You have ownership of TUIs platform security architecture roadmap and will drive maturity improvements in this space by adopting suitable latest industry trends. 


You identify and implement improvement architectural practices in an agile environment and map the discrepancy between the current processes and the desired state to continuously innovate the IT processes, adapting them to market trends. You ensure that technical implementation is in accordance with the enterprise and solution architecture standards, and the objectives of the organisation. In addition to maintaining a helicopter view of your technology landscape, you also ensure correct implementation of the correct components, standards, design principles and patterns for software development.


You will, together with your colleagues, research, evaluate and test new security processes and tools and help teams to use them effectively. You collaborate closely with Technology Leads to increase security maturity in all teams to help achieve the agreed OKRs/goals at team and domain level.  You help define the securityrelated areas of the systems, service or domain’s technology strategy, objectives and develop new tools and techniques to improve the necessary capabilities.


You are an active member of the global security and architecture communities. You love to learn and acquire new skills and you enjoy teaching others. You are not afraid to get stuck in and work directly with teams – you hate being in an ivory tower.


Security is part of everyone’s job. At TUI, we practise secure behaviours first in everything we do.




  • An experienced security architect and authentic servant leader with passion for technology and securityarchitecture.
  • Proven track record in designing architecture blueprints and the optimisation of them to, manage information security risks, drive development and innovation.
  • Proficiency in translating security vision into viable strategies and in conveying such strategies back to stakeholders at different levels of the organisation.
  • Experience in working in an agile environment and able to integrate architecture practises in an agile way of working.
  • Great communicator and facilitator comfortable working across organisational and market boundaries and managing senior stakeholders. Able to disagree yet align.
  • Good grasp of experience with cloud technology, design patterns, micro-services, CI/CD and DevSecOps.
  • Enjoys and gets energized by complex security problem solving with an ability to push innovation through technical solutions.
  • Able to effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders, and able to respond to challenge.
  • You can design and review system architectures through the application of patterns and principles.
  • You can run Threat Modelling sessions and mentor others in the practice.
  • You have proven experience of enabling and informing risk-based decisions. You can describe different risk methodologies and how these are applied, as well as the proportionality of risk.
  • You have a broad knowledge of security but have in depth knowledge in one or more areas such as Cloud, Data Protection, Engineering, Infrastructure or IAM.
  • You have a proven experience of authoring technical security standards and patterns.
  • You are familiar with security best practices (including ISO27001 and/or NIST 800-53) and relevant security legislation.
  • Have achieved security certification(s) such as CISSP/CISM/CeH or equivalent.
  • Have IT security architecture experience including certification such as TOGAF/SABSA or equivalent.
  • Hold relevant Cloud AWS certification such as AWS SAA, AWS SA Pro, AWS Security Specialist.




  • Being a valuable team member of TUI, the No.1 global and socially aware travel company.
  • Competitive salary and benefits.
  • Smart working (Flexible hours) and possibility of working remotely up to 100% or Hybrid from one of our offices.
  • Develop yourself as part of a friendly, richly, diverse and virtual international team.

If you want to know more about why TUI Group is the world’s leading tourism group, and our continuing work in the diversity & inclusion space, simply visit