Cyber Security Specialist

Fincons Group is an IT business consulting company that has been designing the digital future of leading companies on international markets for 40 years. Fincons Group built its reputation on foreseeing and interpreting new business models and the rapid evolution of IT systems by building a complete range of services: from research and consulting to design and development, from system integration of leading vendor software solutions right up to application management, supporting clients step by step along their digital transformation journey. Fincons is a multinational with over 2,600 people and several offices worldwide (in Italy, Switzerland, Germany, France, the United Kingdom, Belgium and the USA), but above all a Family Company where the founders play a strategic role with commitment and passion, grounding the company in the same principles of a united and caring family.

We firmly believe in the value of cooperation and in the contribution that every idea and intuition can bring. We believe that everyone’s effort can make a difference. Transforming knowledge into a strategic resource is our company mission, and we pursue it with the help of our most strategic asset: our people.

Fincons is looking for a CYBERSECURITY SPECIALIST

We are seeking an Enterprise Architect (Cyber-security architecture) with extensive experience in designing and overseeing security architectures within cloud environments. The ideal candidates will possess a deep understanding of security risk assessments, network and application security, and identity and access management. They should demonstrate proficiency in security compliance frameworks, incident response, and the implementation of secure DevOps practices. A strong emphasis on data privacy, cryptography, and cloud security is essential.

Requirements

Following skills and knowledge are required for the performance of the above listed tasks:

• Proficiency in designing security architectures and conducting risk assessments to identify and

mitigate potential threats.

• Deep understanding of Zero Trust principles and their application in modern security frameworks.

• Expertise in implementing network security measures and ensuring application security throughout

the software development lifecycle (SDLC).

• Experience with identity and access management (IAM) solutions, including role-based access

control (RBAC) and attribute-based access control (ABAC) for secure user management.

• Familiarity with security compliance frameworks such as ISO 27001, NIST, GDPR, and eIDAS,

along with experience managing compliance audits.

• Ability to develop and manage incident response plans and conduct forensic investigations following

security incidents.

• Knowledge of integrating security practices into DevOps pipelines to ensure secure development and deployment processes.

• Understanding of cryptographic protocols and their application in securing data.

• Experience securing cloud environments and implementing cloud security best practices.

• Proficiency in conducting penetration tests and vulnerability assessments to identify and address

security weaknesses.

• Knowledge of data loss prevention (DLP) strategies and tools to protect sensitive data.

• Experience with threat modeling methodologies such as MITRE ATT&CK and STRIDE to identify

and mitigate security threats.

• Understanding of security considerations specific to artificial intelligence and machine learning

applications.

• Awareness of emerging trends in quantum-resistant cryptography and their implications for data

security.

• Familiarity with regulatory frameworks such as the Digital Operational Resilience Act (DORA) and

the Network and Information Security Directive 2 (NIS2).

• Knowledge of privacy-enhancing technologies such as homomorphic encryption and differential

privacy.

• Experience with threat intelligence gathering and security operations center (SOC) processes to

monitor and respond to security threats.

• Understanding of secure multi-party computation (SMPC) techniques and their application in secure data processing.

Specific Expertise

Following specific expertise is mandatory for the performance of tasks:

• A minimum of 5-7 years of experience in security related architecture roles, with a focus on cloud based environments and high-security requirements.

• Relevant certifications such as Certified Information Systems Security Professional (CISSP),

Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP)

are highly desirable.

• Demonstrated experience in managing highly security demanding projects that require high agility, innovation, and adaptability to change.

English (C1) required

Office: Brussels

modality of work: hybrid (2dd/week at on premises)

Our personnel search is addressed to candidates of all genders.

The data will be processed and stored exclusively for the purposes of this or future selections, in compliance with the Federal Data Protection Law (LPD) and guaranteeing the rights referred to in art. 13 Legislative Decree 196/03 and EU regulation 679/2016 (GDPR)