Security Architect

CV submission deadline: 04 June 2025

Location: Belgium, Near - Site

VASS is actively looking for a Security Architect to work for our client, the European Commission in Belgium.

NATURE OF THE TASKS

• CI reference – eCommerce DataHub

• Security Architecture and Risk Assessment: Define and supervise the development of comprehensive security architectures, ensuring alignment with Zero Trust principles and conducting regular risk assessments to identify and mitigate potential vulnerabilities.

• Policy Development and Enforcement: Develop, implement, and enforce security policies and procedures that comply with industry standards and regulatory requirements, including GDPR and eIDAS.

• Network and Application Security Oversight: Supervise the implementation of network security measures such as firewalls, intrusion detection/prevention systems (IDS/IPS), and virtual private networks (VPNs). Oversee application security initiatives, ensuring adherence to OWASP guidelines and secure software development lifecycle (SDLC) practices.

• Identity and Access Management (IAM): Coordinate the implementation of IAM solutions, including role-based access control (RBAC) and attribute-based access control (ABAC), to ensure secure and compliant access to systems and data.

• Compliance and Audit Management: Ensure adherence to security compliance frameworks such as ISO 27001 and NIST, and manage audits to verify compliance with data protection regulations like GDPR.

• Incident Response and Forensics: Develop and oversee incident response plans, conduct forensic investigations in the event of security breaches, and implement corrective actions to prevent future incidents.

•Secure DevOps (DevSecOps) Implementation: Promote and supervise the integration of security practices into the DevOps pipeline, ensuring that security is embedded throughout the development and deployment processes.

• Cryptography Management: Oversee the implementation of cryptographic protocols, including TLS, AES, RSA, and hashing algorithms, to protect data integrity and confidentiality.

• Cloud Security Governance: Define strategies for securing cloud environments (AWS, Azure, GCP), ensuring that security controls are effectively implemented and managed.

• Penetration Testing and Vulnerability Assessment: Supervise regular penetration testing and vulnerability assessments to identify and remediate security weaknesses.

• Data Loss Prevention (DLP): Implement and manage DLP strategies to prevent unauthorized access, use, or transmission of sensitive data.

KNOWLEDGE AND SKILLS

• Bachelor's degree in Computer Science or related field.

• Proficiency in designing security architectures and conducting risk assessments to identify and mitigate potential threats.

• Deep understanding of Zero Trust principles and their application in modern security frameworks.

• Expertise in implementing network security measures and ensuring application security throughout the software development lifecycle (SDLC).

• Experience with identity and access management (IAM) solutions, including role-based access control (RBAC) and attribute-based access control (ABAC) for secure user management.

• Familiarity with security compliance frameworks such as ISO 27001, NIST, GDPR, and eIDAS, along with experience managing compliance audits

• Ability to develop and manage incident response plans and conduct forensic investigations following security incidents.

• Knowledge of integrating security practices into DevOps pipelines to ensure secure development and deployment processes.

• Understanding of cryptographic protocols and their application in securing data.

• Experience securing cloud environments and implementing cloud security best practices.

• Proficiency in conducting penetration tests and vulnerability assessments to identify and address security weaknesses.

• Knowledge of data loss prevention (DLP) strategies and tools to protect sensitive data.

• Experience with threat modeling methodologies such as MITRE ATT&CK and STRIDE to identify and mitigate security threats.

• Understanding of security considerations specific to artificial intelligence and machine learning applications.

• Awareness of emerging trends in quantum-resistant cryptography and their implications for data security.

• Familiarity with regulatory frameworks such as the Digital Operational Resilience Act (DORA) and the Network and Information Security Directive 2 (NIS2).

• Knowledge of privacy-enhancing technologies such as homomorphic encryption and differential privacy.

• Experience with threat intelligence gathering and security operations center (SOC) processes to monitor and respond to security threats.

• Understanding of secure multi-party computation (SMPC) techniques and their application in secure data processing.

SPECIFIC EXPERTISE

• A minimum of 5-7 years of experience in security related architecture roles, with a focus on cloud-based environments and high-security requirements.

• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP) are highly desirable.

• Demonstrated experience in managing highly security demanding projects that require high agility, innovation, and adaptability to change.

If you are interested, please don't hesitate to submit your application!