Enterprise Architect (Brussels, on-site) DG TAXUD - European Commission

The White Team
Brussels, Belgium
10 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
€ 101K

Job location

Brussels, Belgium

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Cloud Computing Security
Computer Security
Information Leak Prevention
Data Security
Digital Forensics
Cryptographic Protocols
Identity and Access Management
Intrusion Detection Systems
Virtual Private Networks (VPN)
Network Security
Open Web Application Security
Systems Development Life Cycle
Role-Based Access Control
Zero Trust Network Access
RSA (Cryptosystem)
Google Cloud Platform
In-Plane Switching (IPS)
Software Security
Mitre Att&ck
Cyber Threat Analysis
Devsecops
Vulnerability Analysis

Job description

This role involves contributing to the design and governance of cyber-security architecture for an innovative, data-centric program within DG TAXUD. The Enterprise Architect will work within a cloud-native, distributed environment with a strong focus on Zero-Trust principles, data protection, and regulatory compliance, including GDPR. The position requires defining secure data flows, implementing strict access controls, enabling continuous authentication, and ensuring real-time security monitoring. The architect will collaborate with cloud engineers, data teams, and compliance units to guarantee a resilient, scalable, and regulatory-aligned infrastructure. The role also includes supervising automated security controls, performing risk assessments, supporting secure system design, and ensuring the confidentiality, integrity, and availability of critical systems.

Tasks:

  • Security Architecture & Risk Assessment.
  • Policy Development & Enforcement (GDPR, eIDAS).
  • Network & Application Security oversight (firewalls, IDS/IPS, VPN, OWASP, SDLC).
  • IAM (RBAC, ABAC).
  • Compliance & Audit Management (ISO 27001, NIST, GDPR).
  • Incident Response & Forensics.
  • DevSecOps integration.
  • Cryptography governance (TLS, AES, RSA, hashing).
  • Cloud Security governance (AWS, Azure, GCP).
  • Pen-testing & Vulnerability assessment.
  • Data Loss Prevention (DLP).

Specific Expertise:

  • Security architecture design (cloud, distributed, data-centric systems).
  • Zero Trust Architecture (ZTA) implementation and governance.
  • Security risk assessments, threat modeling (MITRE ATT&CK, STRIDE).
  • Network security: firewalls, IDS/IPS, VPNs.
  • Application security (OWASP, secure SDLC).
  • Identity & Access Management: RBAC, ABAC, continuous authentication.
  • Security policy development, compliance enforcement (GDPR, eIDAS).
  • Security frameworks: ISO 27001, NIST.
  • Incident response, digital forensics, corrective action planning.
  • DevSecOps integration in CI/CD pipelines.
  • Cryptographic protocols: TLS, AES, RSA, hashing.
  • Cloud security (AWS, Azure, GCP), cloud governance.
  • Penetration testing & vulnerability assessments.
  • Data Loss Prevention (DLP) tools and methodologies.
  • Threat intelligence, SOC operations, anomaly detection.
  • AI/ML security considerations.
  • Quantum-resistant cryptography principles.
  • Privacy-enhancing technologies: homomorphic encryption, differential privacy.
  • Secure multi-party computation (SMPC).
  • Experience leading high-security, high-agility projects.
  • Professional certifications: CISSP, CISM, CCSP (highly desirable).

Requirements

Do you have experience in VPN?, Do you have a Bachelor's degree?, Studies required: Bachelor's degree or equivalent (minimum 3 years of higher education).

Language: English (C1) (Mandatory).

Apply for this position