Enterprise Security Architect Lead

Capital Group
Paris, France
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, French
Experience level
Senior

Job location

Paris, France

Tech stack

Microsoft Windows
Microsoft Active Directory
API
Agile Methodologies
Amazon Web Services (AWS)
Authentication Protocols
Software as a Service
Computer Security
Computer Networks
Information Leak Prevention
Linux
Infrastructure as a Service (IaaS)
Identity and Access Management
Python
Network Security
OAuth
Platform as a Service (PaaS)
Public Key Infrastructure
X.509
Cloud Services
Software Engineering
Software Vulnerability Management
Information Security Management System
Generative AI
Cyber Threat Analysis
Firewalls (Computer Science)
TOGAF
Information Technology
API Design
DevSecOps
API Management

Job description

  • Design, review, and approve enterprise security architectures and solution designs across on-premises and cloud environments (SaaS, PaaS, IaaS).
  • Establish and maintain security architecture standards, patterns, and best practices for encryption, access control, identity and access management (IAM), and emerging technologies.
  • Validate third-party and internal solution designs to ensure alignment with security requirements and organizational standards.
  • Ensure the integration of security principles in both on-premises and cloud environments.
  • Oversee implementation and delivery of strategic IT security initiatives, ensuring alignment with approved architectures and security objectives.
  • Serve as the security architecture authority throughout the project lifecycle from planning through execution.
  • Establish security integration models for diverse project environments including Agile, SAFe, waterfall, and hybrid approaches.
  • Manage timelines and resource allocation for security architecture initiatives.
  • Establish and facilitate project meetings and project steering committees to ensure cohesive governance across all project phases.

Risk Management and Compliance

  • Conduct comprehensive risk assessments and business impact analyses for major IT initiatives, architectural changes, and technology implementations using recognized methodologies (EBIOS, MEHARI, ISO 27005).
  • Develop and recommend mitigation strategies for identified security risks and architectural vulnerabilities.
  • Maintain and communicate the security architecture roadmap to executive stakeholders.
  • Conduct incident response tabletop exercises and provide an overall assessment and recommendations.
  • Lead compliance initiatives and prepare for security audits and certifications.
  • Define, implement, and maintain information security policies, procedures, and standards.
  • Ensure alignment with regulatory requirements (GDPR, DSP2, and others).
  • Provide authoritative guidance on security configurations and best practices for Microsoft and Linux operating systems, containers, and cloud services.
  • Work with advanced IT systems, focusing on secure software development, API security, data loss prevention, and implementing security controls in emerging technologies like Generative AI and Agentic systems.
  • Define technical security requirements and specifications for architectural components and solutions, including identity management, PKI, and encryption strategies.

Team & Stakeholder Management

  • Able to manage and mentor a team of security professionals and contractors when the team grows, providing technical leadership and professional development.
  • Act as primary liaison among internal stakeholders, clients, vendors, integrators, and contractors to ensure architectural alignment and project success.
  • Provide clear, timely status updates and risk assessments during steering committee meetings and regular architecture review boards.
  • Oversee vendor security evaluations, risk management, and contract security requirements.

Requirements

  • Do you have experience in Windows?
  • Do you have a Master's degree?

CFM is continuing its transformation in 2026, marking a significant acceleration for our company. To meet the evolving demands of the research department, we are dedicated to making substantial investments in cutting-edge technological initiatives. The meaningful integration of advanced technologies, such as generative AI and cloud solutions, is at the core of our transformation strategy. Simultaneously, we are enhancing our security infrastructure to ensure the safe and optimized use of these advanced technologies.

We are looking for an accomplished Enterprise Security Architect Lead with a deep cybersecurity background and proven experience in security governance and risk management to join our Information Security team in Paris, France.

In this role, you will design, validate, and approve enterprise security architectures and solution designs while ensuring that security principles are embedded across all IT initiatives. You will serve as the technical authority for security architecture decisions, lead comprehensive risk assessments, establish security governance frameworks, and manage the implementation of strategic security initiatives. You will collaborate closely with architecture and project teams and champion security risk assessments and mitigation strategies across the organization and may manage a small team of security professionals and contractors.

Reporting directly to our CISO based in New York, the ideal candidate will have a demonstrated history of designing and governing enterprise-scale security solutions, establishing security governance models, a comprehensive understanding of IT systems and cybersecurity methodologies, and the expertise to drive security integration across diverse project environments (Agile, SAFe, waterfall).

  • Minimum education: BAC+3 (Bachelor's degree); Master's degree in information security or related field preferred.
  • At least 10 years of IT experience, with 7+ years specifically focused on IT security architecture, governance, and risk management.
  • Proven ability to design, validate, and govern enterprise-scale security architectures and information security management systems.
  • Demonstrated experience establishing security governance frameworks, risk management processes, and security integration models across diverse organizational structures.
  • Demonstrated experience managing technical teams and contractors.

Technical Expertise

  • In-depth knowledge of IT security concepts, practices, and technologies across on-premises and cloud environments (SaaS, PaaS, IaaS), including encryption, access control, identity and access management (IAM), and PKI.
  • Expertise in security architecture frameworks and patterns (Zero Trust, defense-in-depth).
  • Advanced proficiency with security governance and risk assessment methodologies (EBIOS, MEHARI, ISO 27005, NIST, ISO 27001).
  • Strong understanding of computer networking and network security methodologies.
  • Proficiency with Windows and Linux operating systems, containers, cloud services, Microsoft 365, Active Directory, API management, and network security services such as firewalls, proxies, and reverse proxies.
  • Experience with security operations, threat intelligence, security testing, incident response, and vulnerability management.
  • Knowledge of identity and access management (IAM), authentication protocols (OAuth2, X.509), and secure API design.

Leadership & Communication

  • Excellent leadership, analytical, and interpersonal skills, with proven ability to lead and mentor technical teams and manage diverse stakeholder relationships.
  • Strong ability to translate complex security concepts for executive and technical audiences.
  • Experience presenting to and influencing steering committees, boards, and executive leadership.
  • Fluent in both French and English (business and technical proficiency required).
  • Ability to work independently and within a multi-national team environment.
  • Experience in the financial services industry.
  • Relevant certifications in cybersecurity and architecture (CISSP, CISM, TOGAF, AWS Security Certification).
  • Experience leading ISO 27001 certification projects and establishing ISMS (information security management system) frameworks.
  • Knowledge of secure software development practices and DevSecOps principles.
  • Experience in Python programming.
  • Experience with threat intelligence and incident management.

About the company

Founded in 1991, we are a global quantitative and systematic asset management firm applying a scientific approach to finance to develop alternative investment strategies that create value for our clients. We value innovation, dedication, collaboration, and the ability to make an impact. Together, we create a stimulating environment for talented and passionate experts in research, technology, and business to explore new ideas and challenge existing assumptions.
