Enterprise Security Architect

Role: Enterprise Architect

Location: VASS BRUSSELS

А global digital transformation company with a team of more than 4,900 global players in 26 countries – in Europe, America and Asia, working together to put organizations at the forefront of innovation by bringing together talent, knowledge and technology.

Our approach is based on conscious technology, through which we create positive environments and meaningful opportunities, always in our own way, making the complex simple.

VASS BeNeLux, in partnership with the European Commission, is currently seeking an Expert Enterprise Architect to work from the European Commission.

About the Role

We are looking for an experienced Enterprise Architect to support key IT architecture, cybersecurity, and Agile transformation initiatives within DG TAXUD (Directorate-General for Taxation and Customs Union). You will contribute to the evolution of secure IT systems, DevSecOps practices, and digital shared services, including the implementation and governance of modern cloud and container-based architectures.

This is a highly collaborative, strategic, and hands-on technical role involving cross-functional teams, stakeholders from Member States, and subcontractors.

Key Responsibilities

Project Management & Coordination

Manage full project lifecycles (inception to transition) across multiple initiatives.

Lead or coordinate project teams (internal/external), ensuring alignment with DG TAXUD’s methodologies (e.g., TEMPO, RUP@EC).

Track progress, manage risks, escalate issues, and ensure delivery quality.

Collaborate with stakeholders, including DG TAXUD units, contractors, Member States, and external vendors.

DevSecOps & CI/CD Implementation

Design, implement, and maintain secure DevSecOps pipelines across hybrid environments (AWS, Kubernetes, Tanzu).

Administer and integrate ALM tools (e.g., Jira, Jenkins, Nexus, Bitbucket, SonarQube).

Promote DevSecOps practices and onboard development teams into CI/CD pipelines.

Ensure integration of security into every phase of SDLC (S-SDLC).

IT Security & Compliance

Perform technical security assessments, vulnerability scans, and risk analyses.

Ensure compliance with industry standards (e.g., ISO 27001, NIST, GDPR, HIPAA).

Define and implement security strategies for cloud and on-premise infrastructures.

Translate business/security requirements into technical design and architecture.

Monitor and advise on business continuity, incident response, and disaster recovery.

Architecture & Strategic Advisory

Evaluate technical solutions, participate in architecture governance, and ensure alignment with TAXUD frameworks.

Study the impact of new technologies (COTS/OSS) on TAXUD systems.

Provide guidance on security strategy, policies, and best practices.

Produce and review high-quality documentation (e.g., security plans, technical specs, evaluations).

Key Technologies & Tools

DevSecOps Tools: Jenkins, Git, Bitbucket, Nexus, SonarQube, Fortify, SCA (Sonatype), Confluence

Cloud & Container Platforms: AWS, Kubernetes, Tanzu, Nutanix

Security & Monitoring: Elastic Stack, Dynatrace, Splunk, IDS/IPS, firewalls, IAM, encryption tools

Programming/Scripting: Java (asset), Groovy scripting

Protocols & Architecture: TCP/IP, REST APIs, distributed systems integration

Mandatory Requirements

Education: Bachelor's degree (EQF Level 6 or higher) in Information Security, Cybersecurity, Computer Science, or related field.

Experience:

10+ years in IT

5+ years in IT Security

3+ years in DevSecOps (with Containers & CI/CD integration)

Skills:

Strong knowledge of S-SDLC, Agile, and Lean practices

Ability to create and maintain CI/CD pipelines and monitoring systems

Experience with security assessments, audits, and technical writing

Hands-on with DevSecOps toolchains and cloud/container security

Preferred Qualifications & Certifications

Certifications (any of the following are a plus):

CISSP, CCSP, CISM, CISA, CEH, AWS Security Specialty, CompTIA Security+

ITIL, TOGAF, PM², Agile certifications

Assets:

Experience in European Commission/DG TAXUD environment

Knowledge of Kafka/Confluent, Elastic Stack, eArchiving (CEF E-ARK)

Familiarity with EC security frameworks and compliance standards