IT Security Expert – Applications & Cloud

Job Specifications

CV submission deadline: 11.04.2025
Location: Belgium

VASS is actively seeking an IT Security Expert – Applications & Cloud to work for our client, the European Commission from Belgium.

DESCRIPTION OF THE TASKS

Following tasks will be performed by external service provider:

1. Application Security Design
• Supports the design of secure IT architectures and ensures compliance with Commission security policies and standards.
Collaborates with IT development, operations, and architecture teams to embed security throughout the application lifecycle.

2. Security Requirements & Technical Actions
• Assists in defining and implementing security requirements within IT projects.
• Supports security control integration in development and infrastructure.

3. Documentation & Compliance
• Helps maintain security documentation for audits and compliance.
• Assists in drafting security assessments, architecture security blueprints, and configurations.

4. Application Security Implementation
• Promotes secure development practices and ensures their adoption.
• Works with DevSecOps teams to strengthen security in software development.

5. Risk Analysis & Security Policy Compliance
• Conducts risk assessments and proposes mitigation actions.
• Supports alignment with Commission risk management methodologies.

6. Vulnerability Testing & Remediation
• Coordinates vulnerability assessments and penetration testing follow-ups.
• Assists in remediation planning and tracking corrective actions.

7. Incident & Threat Categorization
• Supports incident classification and response prioritization.
• Collaborates with IT operations to ensure proper handling of security events.

8. Security Training & Awareness
• Delivers training sessions on security best practices.
• Helps create awareness programs for secure development and risk management.

9. Security Strategy & Implementation
• Assists in defining security plans, access management strategies, and risk mitigation frameworks. • Supports long-term cybersecurity initiatives within the IT ecosystem

KNOWLEDGE AND SKILL

Following skills and knowledge are required for the performance of the above listed tasks:

• Main European regulations affecting information security: in-depth understanding and experience with the General Data Protection Regulation (GDPR) and the proposed ePrivacy Regulation (EDPR), etc.
• Security Best practice: o In-depth understanding of OWASP’s top security risks and ability to apply these practices in software development, o Good knowledge of secure coding frameworks and guidelines, o Good knowledge of security practices for cloud environments.
• ISO Standards and Risk Management: Comprehensive knowledge of ISO 27001 (Information Security Management), ISO 27002 (Code of Practice for Information Security Controls), and ISO 27005 (Information Security Risk Management).
• Emerging European Regulations: o Awareness of developments in the AI Act and its potential implications for IT security and data protection
o Knowledge of the NIS2 Directive for network and information systems security in the EU.
• European Commission Standards and Procedures: Knowledge of the European Commission’s internal guidelines and their impact on IT security would be an advantage

SPECIFIC EXPERTISE

Following specific expertise is mandatory for the performance of tasks:

• Master's degree in Computer Science and at least 11 years of IT related work experience.

• at least 3 years of specific expertise in IT security applied to software development

• at least 3 years of specific expertise cloud security frameworks and guidelines, such as the Cloud Security Alliance (CSA) Cloud Controls Matrix

If you are interested, please don't hesitate to submit your application!

About the Company

We are a global digital transformation company that puts organizations at the forefront of innovation, by bringing together talent, knowledge and technology. With our digital solutions, we lead people and organizations around the world on their transition towards the future. Our 4,900 experts in 26 countries across Europe, America and Asia work alongside our clients, partners and key industry players to deliver best-in-class digital innovation that shapes the landscape of banking, retail, insurance, public administration, u... Know more

Related Jobs

Company Name

RED TIC

Job Title

ARCHITECTE SÉCURITÉ

Brussels, Belgium

On site

Full Time

27-11-2025

Company Name

Enzo Tech Group

Job Title

Chief Information Security Officer

Brussels, Belgium

On site

Freelance

26-11-2025

Company Name

AlmavivA de Belgique

Job Title

Information Security Consultant

Brussels, Belgium

On site

Freelance

26-11-2025

Company Name

Nova Hunte

Job Title

Security Architect

Brussels, Belgium

Hybrid

Freelance

20-11-2025