Information Security Architect

CORPORATE FUNCTIONS

** |**:
** BOLOGNA**:
Information Security Architect

Are you curious and ready to take on a new career challenge? Are you eager to join a dynamic company and bring innovation through your work and skills?

Prometeia offers opportunities for growth and training within a Group with over 1,000 professionals serving more than 500 clients in 20 countries worldwide.

Among the European leaders in Wealth Management solutions, Prometeia is seeking a Information Security Architect within the Corporate IT function, based in Bologna.

ROLE AND RESPONSIBILITIES

The Information Security Architect is responsible for developing, implementing, and managing information security solutions across the entire organization.

Reporting to the CISO, this role will act as a key point of reference for the delivery of information security projects across different operational areas.

The role also requires operational knowledge of project management and the ability to work collaboratively and cross-functionally with Security, IT, Cloud, Software Development teams, and business stakeholders.

** KEY RESPONSIBILITIES**
- Develop, implement, and manage information security initiatives in line with **ISO 2700x**, **ISO 22301**, **SOC 2**, **CSA STAR**, financial regulations (e.g. **Circular 285**, **DORA**, **NIS2**), and data protection legislation (**GDPR**).
- Identify, assess, and effectively manage information security risks, translating them into technical requirements, measures, and implementable controls, while ensuring compliance with regulations and industry best practices.
- Collaborate with internal and external stakeholders to ensure regulatory compliance and effective information security risk management.
- Develop and maintain information security policies, procedures, and guidelines for the entire organization, supporting and promoting their adoption.
- Monitor security design and remediation initiatives, managing milestones, dependencies, and stakeholders.
- Deliver training and awareness initiatives across the organization on information security and security best practices.
- Support governance and audit activities (evidence collection, audit support, remediation activities, and documentation).

**REQUIREMENTS**
- STEM degree in Computer Science or related disciplines.
- At least **5 years of experience** in technical cybersecurity roles (solution design and implementation).
- Strong knowledge of information security technologies and systems.
- Excellent understanding of common attack techniques and vectors (e.g. phishing, credential theft, lateral movement) and familiarity with widely used operating systems.
- Knowledge of **vulnerability management** (identification, prioritization, and remediation management).
- Basic knowledge of **incident response** (triage, containment, and initial event management in collaboration with involved teams).
- Basic knowledge of **networking** and **VPN technologies**.
- Knowledge of information security regulations, laws, and industry best practices.
- Operational knowledge of **project management**.
- Excellent communication and presentation skills.
- Excellent written and spoken **English**.
- Industry certifications (e.g. **CISSP, CCSP, ISO/IEC 27001, ITIL, PMP/PMI or equivalent**) and product-specific security certifications will be considered a strong plus.

**SOFT SKILLS**
- Strong **problem-solving abilities**.
- **Team-oriented**, flexible, and dynamic approach.
- Excellent **communication and interpersonal skills**.
- Good **command of English** (both written and spoken).

**LOCATION**

Bologna

** WHAT WE OFFER**

COMPENSATION, WELFARE & BENEFIT

Our history and our future are built on the value of our people. Prometeia’s biggest investment is in our people, and it concerns every aspect of professional life. We call it “Total Compensation,” and it is made of three elements: Compensation, consisting of a fixed and a variable component, a Welfare Plan active since 2015 -we were among the first companies in Italy to introduce it-, and Benefits, including all initiatives for the well-being of our people.

REMOTE WORKING

Flexibility is an intrinsic value of our approach to work. In Prometeia, remote work is an organizational model grounded in trust. It delivers benefits for work-life balance, environmental impact, and improved company results through the autonomy and empowerment of people.

PEOPLE PROGRAM

Our evaluation system is based on the full enhancement of our people and on continuous dialogue as a stimulus for regular, mutual professional and personal growth. Within the projects, several moments are dedicated to transparent discussions between managers and team members. This enables reciprocal, prompt feedback. The process is fully digitized and designed to continuously drive the strategic growth of both the individual and the company.

TRAINING

Prometeia means continuous training. We provide an average of 11 days of training per year to our peo