CYBER SECURITY ARCHITECT
Overview
We are looking for a Cyber Security Architect responsible for designing, implementing, and maintaining a comprehensive security architecture that spans network protection, user protection, identity management, and secure software delivery. The role will cover on-premises infrastructure, cloud environments, and SaaS applications, ensuring that security controls are in place to safeguard sensitive data, including customer information, financial transactions, and proprietary business information.
Specific Skills
- Expertise in cloud security frameworks (AWS preferred) and on-premises infrastructure (VMWare preferred, both Windows and Linux environments) protection;
- In-depth knowledge of security standards, protocols, and regulatory requirements in a global context (e.g., GDPR, PCI-DSS);
- Experience with SIEM, IDS/IPS, endpoint protection, encryption technologies, and identity management solutions;
- Strong understanding of network security, application security, and vulnerability management;
- Excellent communication skills, with the ability to collaborate across diverse global teams and functions.
- It is required to be present for 1 or 2 days per month in Milan or Bologna.
Responsible For
Security Architecture Design:
- Develop and implement comprehensive security architectures for both on-premises and cloud environments (AWS);
- Ensure the secure integration of SaaS applications and services used across various business functions;
- Design security controls and policies that accommodate the unique requirements of a globally distributed workforce, including office staff, warehouse operators, and external contractors.
- Ensure compliance with industry standards and regulations (e.g., PCI-DSS, GDPR, CCPA) relevant to global e-commerce operations;
- Collaborate with legal and compliance teams to maintain a proactive approach to evolving regulatory requirements across different jurisdictions.
- Develop cloud security strategies, including Identity and Access Management (IAM), encryption, and network security configurations;
- Manage security across cloud and SaaS environments, ensuring secure communication between cloud services and on-prem infrastructure;
- Implement and monitor security solutions for hybrid cloud environments, leveraging native and third-party tools.
- Design and manage security frameworks for on-premises data centers and infrastructure, including network security, firewalls, IDS/IPS, and endpoint protection;
- Implement secure configurations and patch management for hardware and software used in offices, warehouses, and connected systems.
- Design architecture for continuous monitoring and threat detection systems, such as SIEM solutions, across cloud, on-prem, and SaaS environments.
- Work closely with IT, DevOps, engineering, and other teams to integrate security into the software development lifecycle (DevSecOps);
- Provide technical leadership and guidance to external security vendors and managed service providers (MSPs).
- Ensure secure remote access and communication for globally distributed teams, including secure VPNs, Virtudal Desktop, zero-trust architectures, and endpoint protection for remote workers;
- Design policies and frameworks for managing security in external contractor relationships, ensuring compliance with security protocols.
Job Location
Hybrid
Job Level
Senior