The increasing complexity of modern software systems magnifies the challenges associated with ensuring their security. Despite the recognized importance of integrating security early in the software development lifecycle, implementation faces significant challenges due to a global shortage of cybersecurity professionals and insufficient expertise among software architects. This highlights the need for tools that can support software architects in making informed security-related design decisions. This thesis addresses this need by proposing a recommender system tailored for secure system design. The system employs a constraint-based recommendation approach to provide context-aware suggestions in a two-phase process. In the first phase, it recommends security patterns — reusable, conceptual solutions for essential security controls such as authentication or authorization. In the second phase, it refines these recommendations by proposing security design patterns, offering actionable solutions for effectively integrating the security pattern selected in the first phase into the software architecture. The system filters out patterns that do not meet the minimum requirements and ranks the viable options based on how well they align with the user-specified criteria. Additionally, the system offers detailed explanations of the rationale behind its recommendations to foster user trust and understanding. A functional prototype implementation demonstrates the feasibility of this approach, focusing on the first recommendation phase. While data limitations prevented a comprehensive evaluation and the implementation of the second phase, this thesis lays the groundwork for future research and development. By bridging the gap between theoretical security principles and practical application, this work aims to empower software architects with accessible and reliable tools for enhancing system security.
Project information
Finished
Master
Patrick Treppmann
2024-015