Enterprise Security Architect

Fincons Group is an IT business consulting company that has been designing the digital future of leading companies on international markets for 40 years. Fincons Group built its reputation on foreseeing and interpreting new business models and the rapid evolution of IT systems by building a complete range of services: from research and consulting to design and development, from system integration of leading vendor software solutions right up to application management, supporting clients step by step along their digital transformation journey. Fincons is a multinational with over 2,600 people and several offices worldwide (in Italy, Switzerland, Germany, France, the United Kingdom, Belgium and the USA), but above all a Family Company where the founders play a strategic role with commitment and passion, grounding the company in the same principles of a united and caring family.

We firmly believe in the value of cooperation and in the contribution that every idea and intuition can bring. We believe that everyone's effort can make a difference. Transforming knowledge into a strategic resource is our company mission, and we pursue it with the help of our most strategic asset: our people.

Fincons is looking for a ENTERPRISE ARCHITECT

TASKS

• Security Architecture and Risk Assessment: Define and supervise the development of comprehensive security architectures, ensuring alignment with Zero Trust principles and conducting regular risk assessments to identify and mitigate potential vulnerabilities.

• Policy Development and Enforcement: Develop, implement, and enforce security policies and procedures that comply with industry standards and regulatory requirements, including GDPR and eIDAS.

• Network and Application Security Oversight: Supervise the implementation of network security measures such as firewalls, intrusion detection/prevention systems (IDS/IPS), and virtual private networks (VPNs). Oversee application security initiatives, ensuring adherence to OWASP guidelines and secure software development lifecycle (SDLC) practices.

• Identity and Access Management (IAM): Coordinate the implementation of IAM solutions, including role-based access control (RBAC) and attribute-based access control (ABAC), to ensure secure and compliant access to systems and data.

• Compliance and Audit Management: Ensure adherence to security compliance frameworks such as ISO 27001 and NIST, and manage audits to verify compliance with data protection regulations like GDPR.

• Incident Response and Forensics: Develop and oversee incident response plans, conduct forensic investigations in the event of security breaches, and implement corrective actions to prevent future incidents.

• Secure DevOps (DevSecOps) Implementation: Promote and supervise the integration of security practices into the DevOps pipeline, ensuring that security is embedded throughout the development and deployment processes.

• Cryptography Management: Oversee the implementation of cryptographic protocols, including TLS, AES, RSA, and hashing algorithms, to protect data integrity and confidentiality.

• Cloud Security Governance: Define strategies for securing cloud environments (AWS, Azure, GCP), ensuring that security controls are effectively implemented and managed.

• Penetration Testing and Vulnerability Assessment: Supervise regular penetration testing and vulnerability assessments to identify and remediate security weaknesses.

• Data Loss Prevention (DLP): Implement and manage DLP strategies to prevent unauthorized access, use, or transmission of sensitive data.

REQUIRED KNOWLEDGE AND EXPERIENCE

•A minimum of 5-7 years of experience in security related architecture roles, with a focus on cloud-based environments and high-security requirements.

•Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP) are highly desirable.

•Demonstrated experience in managing highly security demanding projects that require high agility, innovation, and adaptability to change.

Additional competences

•Proficiency in designing security architectures and conducting risk assessments to identify and mitigate potential threats.

•Deep understanding of Zero Trust principles and their application in modern security frameworks.

•Expertise in implementing network security measures and ensuring application security throughout the software development lifecycle (SDLC).

•Experience with identity and access management (IAM) solutions, including role-based access control (RBAC) and attribute-based access control (ABAC) for secure user management.

•Familiarity with security compliance frameworks such as ISO 27001, NIST, GDPR, and eIDAS, along with experience managing compliance audits.

•Ability to develop and manage incident response plans and conduct forensic investigations following security incidents.

•Knowledge of integrating security practices into DevOps pipelines to ensure secure development and deployment processes.

•Understanding of cryptographic protocols and their application in securing data.

•Experience securing cloud environments and implementing cloud security best practices.

•Proficiency in conducting penetration tests and vulnerability assessments to identify and address security weaknesses.

•Knowledge of data loss prevention (DLP) strategies and tools to protect sensitive data.

•Experience with threat modeling methodologies such as MITRE ATT&CK and STRIDE to identify and mitigate security threats.

•Understanding of security considerations specific to artificial intelligence and machine learning applications.

•Awareness of emerging trends in quantum-resistant cryptography and their implications for data security.

•Familiarity with regulatory frameworks such as the Digital Operational Resilience Act (DORA) and the Network and Information Security Directive 2 (NIS2).

•Knowledge of privacy-enhancing technologies such as homomorphic encryption and differential privacy.

•Experience with threat intelligence gathering and security operations center (SOC) processes to monitor and respond to security threats.

•Understanding of secure multi-party computation (SMPC) techniques and their application in secure data processing.

English (C1) required

Office: Brussels

modality of work: near-site

If interested, please apply!

Our personnel search is addressed to candidates of all genders.

The data will be processed and stored exclusively for the purposes of this or future selections, in compliance with the Federal Data Protection Law (LPD) and guaranteeing the rights referred to in art. 13 Legislative Decree 196/03 and EU regulation 679/2016 (GDPR)