Cyber Security Architect

Cybersecurity Architect
Location: Paris, France (2 days in the office per week)
Contract: 6 months (extendable)
Business Area: Cybersecurity & Architecture
Start Date: ASAP

About the company
A major national financial institution operating across multiple business units and digital platforms. The organisation places strong emphasis on cybersecurity excellence, innovation, and secure‑by‑design principles across its IT and product ecosystem. Its cybersecurity division is structured around governance, operational defence, and an expert advisory function that supports teams across the enterprise.

Role Overview
We are seeking an experienced Cybersecurity Architect to join the Cybersecurity Expertise team within the IT Department. The mission is to guide agile teams toward a high level of security maturity through pragmatic advisory, architectural oversight, and the definition of non‑functional security requirements. The role includes creating and maintaining security doctrines, ensuring compliance with established controls, and providing technology watch to challenge and improve existing solutions.

The Cybersecurity Architect will also validate offensive security outputs (pentest, red team), support vulnerability remediation, and contribute to ongoing cybersecurity strategy and continuous improvement initiatives. Additional transversal security topics may be assigned depending on organisational priorities.

Key Responsibility

• Support agile teams in strengthening DevSecOps practices, including adoption of Cyber Score models.
• Guide the deployment, operationalisation and internal adoption of security tools (DLP, CNAPP, SSE, VOC, DMARC,sovereign cloud environments).
• Oversee and govern generative AI and agent‑based AI tooling usage.
• Support teams in implementing state‑of‑the‑art encryption, including preparation for post‑quantum transition.
• Validate the cybersecurity compliance of new platforms and applications within the information system.
• Challenge existing technologies and solutions through continuous security monitoring and evaluation.
• Review offensive security findings and assist teams in resolving vulnerabilities.
• Contribute to cybersecurity strategy, standards, doctrines, and continuous improvement processes.

Required Skill

• Certification on one or more major cloud service providers (AWS, Azure, GCP).
• Background in development.
• Experience in offensive security (pentest, red teaming).
• Experience in agile environments and/or SAFe certification.
• 10+ years of experience in cybersecurity.
• CISSP and/or GIAC certifications are a plus.
• Strong client‑orientation mindset.
• Organised, rigorous, able to meet deadlines.
• Autonomous, proactive, strong ability to propose improvements.
• Strong written communication skills.

Technical Expertise

• Strong understanding of technical security concepts: Network, API, Web, Systems, Cloud.
• Knowledge of risk assessment methodologies (ISO, NIST, etc.)
• DevSecOps practices: SSDLC, SAST, DAST, SCA, CNAPP, CSPM.
• Access Management: OIDC, SAML, SCIM.
• Network: ADN, SASE.
• Cloud: AWS, Azure, GCP, VMware, Kubernetes.
• Operating Systems: Linux, Windows, MacOS.
• Cryptography, certificate lifecycle management, PKI, KMS/HSM.
• AI technologies: Dust, Mistral, Copilot, MCP, agents.
• Methods: Agile, Scrum, SAFe.