Information Security Architect

Are you curious and ready to accept a new challenge in your career? Are you eager to join a dynamic company and bring innovation through your work and skills?

Prometeia offers you opportunities for growth and training in a Group with over 1000 professionals working for more than 500 clients in 20 countries around the world.

ROLE AND RESPONSIBILITIES

The Information Security Architect is responsible for developing, implementing, and managing information security solutions across the entire organization.

 Reporting to the CISO, this role will act as a key point of reference for the delivery of information security projects across different operational areas.

The ideal candidate is a technical cybersecurity professional with solid experience in security technologies and controls, as well as in information security regulations and legislation.

The role also requires operational knowledge of project management and the ability to work collaboratively and cross-functionally with Security, IT, Cloud, Software Development teams, and business stakeholders.

Key Responsibilities

• Develop, implement, and manage information security initiatives in line with ISO 2700x, ISO 22301, SOC 2, CSA STAR, financial regulations (e.g. Circular 285, DORA, NIS2), and data protection legislation (GDPR).
• Design and contribute to the implementation and management of security solutions and components such as EDR/XDR, email security (anti-phishing, protection and remediation processes), SASE, DLP, and Identity, ensuring proper configuration, integration, and fine-tuning.
• Identify, assess, and effectively manage information security risks, translating them into technical requirements, measures, and implementable controls, while ensuring compliance with regulations and industry best practices.
• Collaborate with internal and external stakeholders to ensure regulatory compliance and effective information security risk management.
• Develop and maintain information security policies, procedures, and guidelines for the entire organization, supporting and promoting their adoption.
• Monitor security design and remediation initiatives, managing milestones, dependencies, and stakeholders.
• Deliver training and awareness initiatives across the organization on information security and security best practices.
• Support governance and audit activities (evidence collection, audit support, remediation activities, and documentation).

Requirements

• STEM degree in Computer Science or related disciplines.
• At least 5 years of experience in technical cybersecurity roles (solution design and implementation).
• Strong knowledge of information security technologies and systems.
• Excellent understanding of common attack techniques and vectors (e.g. phishing, credential theft, lateral movement) and familiarity with widely used operating systems.
• Knowledge of vulnerability management (identification, prioritization, and remediation management).
• Basic knowledge of incident response (triage, containment, and initial event management in collaboration with involved teams).
• Basic knowledge of networking and VPN technologies.
• Knowledge of information security regulations, laws, and industry best practices.
• Operational knowledge of project management.
• Excellent communication and presentation skills.
• Excellent written and spoken English.
• Industry certifications (e.g. CISSP, CCSP, ISO/IEC 27001, ITIL, PMP/PMI or equivalent) and product-specific security certifications will be considered a strong plus.

SOFT SKILLS

• Strong problem-solving abilities.
• Team-oriented, flexible, and dynamic approach.
• Excellent communication and interpersonal skills.
• Good command of English (both written and spoken).

WHAT WE OFFER:
COMPENSATION, WELFARE & BENEFIT
Our history, as well as the future, is based on the value of our people. The biggest investment at Prometeia is in our people, and it concerns every aspect of professional life. We call it 'Total Compensation' and is made up of Compensation - consisting of a fixed and a variable component -, an important Welfare Plan, active since 2015 – we have been among the first to introduce it in Italy - and Benefits, which include all the initiatives undertaken for the well-being of our people.

REMOTE WORKING
Flexibility is an intrinsic value of the way we work. At Prometeia, smart working is an organizational method based on trust, which results in benefits in terms of work/life balance, impact on the environment and optimization of company results, through autonomy and empowerment of people.

PEOPLE PROGRAM
Our evaluation system is based on the full enhancement of people and their continuous dialogue as a stimulus for regular, mutual professional and personal growth. Transparent discussions between managers and team members are set up within the projects, where reciprocal and timely feedback is exchanged. The process is fully digitalized and aimed at continuously improving the development trajectory of the individual and the company.

TRAINING
Prometeia means ongoing training. We provide an average of 11 days of training per year to our people, in person and online. Particular attention is paid to younger colleagues, who are the protagonists of dedicated growth programs, and to the continuous sharing and internal transfer of know-how and skills. On-the-job training is also important, through immediate and direct confrontation with the market.

WIN/WIN POLICY
If you are one of our employees, and you recommend a person who is later recruited, you are entitled to a financial bonus This is an important opportunity to contribute to the growth of Prometeia as a whole, by attracting acknowledged market professionals and new tech talents.

PHYGITAL MANAGEMENT
Through the dedicated app Pr(Home)teia, we have completely digitalized and integrated the management of our physical and virtual environments. Access to the office, smart working, workstations, meeting rooms, car pooling... everything is just a click away.

COMMUNITY
Our Community is extremely diverse, as are the skills of the people who are part of it and who share its values, and the individuals and organizations that are directly or indirectly involved in our activities. Clients, People of the Group, Alumni, Institutions, Academia, non-profit entities with which we actively collaborate, are stakeholders representing a great value for us, in terms of trust and collaboration.

DIVERSITY
We promote and respect equal opportunities and consider differences as a value. Diversity & Inclusion are fundamental values: from the selection phase to everyday life, also through dedicated training moments to develop individual sensitivities and unicities.

IMPACT
We responsibly take an active role towards the environment, the territories and the communities in which we operate. Our Headquarter in Bologna has obtained the Leed Gold Certification, one of the highest awards that recognizes the performance of the building in terms of energy and water savings, reduction of CO2 emissions, improvement of the ecological quality of the interior, materials and resources used. In the Sustainability Report we report the results achieved within the 17 Sustainable Development Goals (SDGs) of the 2030 Agenda that, drafted by the United Nations in 2016, we have been supporting since 2020.