Senior GRC Architect at Sopra Steria

Leudelange, Esch-sur-Alzette, Luxembourg -

Full Time

Start Date

Immediate

Expiry Date

13 Apr, 26

Salary

0.0

Posted On

13 Jan, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, IAM Governance, Risk Management, Compliance, Access Control, Identity Lifecycle, Network Security, Authentication, Authorization, Cryptography, OWASP Top 10, DevSecOps, API Architectures, Communication Skills, Attention To Detail, Fluency In French And English

Industry

Information Technology & Services

Description

Company Description Sopra Steria offers tailored, end-to-end corporate technology and software solutions to help clients make bold choices and deliver results. Successfully so! With more than 56.000 colleagues in 30 countries, we rank as Europe’s leading digital solutions provider. Some of the most successful companies in Europe rely on our technology due to our commitment to innovation, collaboration, and value in business development. The world is how we shape it. Let’s shape it together. Job Description Cybersecurity is an always-on field, so you will stay up to date with the latest threats, IAM governance trends, and compliance regulations. You will be ready to conduct threat analysis, risk management, incident response, and identity-related risk assessments quickly and effectively. A strong focus will be placed on Identity and Access Management (IAM) governance, ensuring that access rights are aligned with business roles, least-privilege principles, and regulatory requirements throughout the identity lifecycle. To stay on the front foot, you will be familiar with modern security and IAM tools, including access control solutions, identity governance platforms, firewalls, and vulnerability assessment tools. You will contribute to strengthening access governance frameworks, segregation of duties (SoD), access reviews, and certification processes, ensuring that identities and privileges remain controlled and auditable. You will collaborate closely with other departments, demonstrating strong communication skills to support secure-by-design initiatives. This includes integrating IAM governance into broader cybersecurity practices such as ethical hacking, penetration testing, and security assessments, ensuring that systems meet security standards, maintain confidentiality, and protect critical assets. After all, there’s no cyber without cybersecurity—and no cybersecurity without strong identity governance. Compliance & IAM Governance Demonstrate strong knowledge of compliance standards and IAM governance frameworks, spearheading projects to ensure information systems and identity controls meet or exceed regulatory benchmarks. Ensure alignment between IAM policies, access models, and regulatory requirements. Assessment and Risk Management Conduct comprehensive security and identity risk assessments to identify threats, vulnerabilities, and excessive or inappropriate access rights. Develop and maintain risk management frameworks covering both IT security and IAM governance. Propose and implement mitigation strategies, including access control improvements and identity lifecycle enhancements. Policy and Compliance Ensure compliance with standards and regulations such as ISO 27001, EBIOS, NIST, GDPR, and IAM-related best practices. Develop, enforce, and monitor security and IAM policies, procedures, and guidelines. Oversee access reviews, role models, and segregation of duties, addressing any deviations or compliance gaps. Security & IAM Solutions Implementation Evaluate and recommend security and IAM technologies to strengthen the organization’s security posture and access governance capabilities. Communication, Training & Knowledge Sharing Provide security and IAM governance guidance and training, fostering a strong culture of security and identity awareness. Share expertise and mentor team members and stakeholders on compliance standards, system security best practices, cloud security, and IAM governance processes to ensure effective and sustainable security and compliance operations. Qualifications We’re seeking passionate colleagues who are eager to push the boundaries in digital transformation and technology consulting. At Sopra Steria, you’ll have the opportunity to grow your skills in a constructive, collaborative team environment, working on impactful projects that drive change for our clients. If you thrive on challenge and meet (most of) the qualifications below, we look forward to your application! You have knowledge and experience of the following: 10+ years' experience in multiple IT areas and working in security design functions. Cybersecurity knowledge and experience is required. Cloud- certification or proven expertise in AWS security solutions are a plus. Advanced Cybersecurity Certification (e.g. CISSP, CISM, or equivalent) is a differentiator. Very good understanding of network security concepts. Excellent understanding of authentication and authorisation mechanisms and protocols Cryptography and latest cryptographic standards, including PKI Working knowledge of the OWASP Top 10 Full-stack knowledge of IT infrastructure: Applications, Databases, Operating systems — Windows, Unix, and Linux, IP networks — WAN and LAN, Knowledge of DevSecOps, Knowledge of API Architectures Ability to work and communicate in a multi-cultural environment. Service-oriented mindset. Ability to communicate in writing and verbally in a clear and concise manner. Initiative, accuracy, and attention to detail Fluency in both French and English (written and spoken) is essential. What we can offer you As a member of one of Europe’s largest digital solutions providers, you’ll benefit from extensive career development opportunities, both local and international. At the Sopra Steria Academy, you’ll be part of a dynamic network of 56,000 professionals at all stages of their careers. With a wide array of offices to explore, you can find your ideal location and take the next step in your career. We offer a generous employee benefits package that includes: Access to our Sopra Steria training and personal development academy A company car lease or mobility budget A company laptop and new iPhone Private health insurance coverage Meal vouchers Social security and pension plan A competitive salary 26 holiday days You’ll become a part of a major Tech player in Europe recognised for its consulting, digital services, and software development. Additional Information People are the cornerstone of our success. That’s why we aspire to be bolder together. Our goal is to build high-functioning teams and healthy team environments that inspire and help each other to deliver excellence for each of our customers. Excited about this job opportunity? Ready to shape the world with us? Great! We are looking forward to your application! #LI-DNI ______ Sopra Steria is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, ancestry, nationality, color, family or medical leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, gender (including pregnancy), sexual orientation or any other characteristic protected by applicable local laws, regulations and ordinances. We foster a work environment that is inclusive and respectful of all differences.

Responsibilities

The Senior GRC Architect will conduct threat analysis, risk management, and identity-related risk assessments while ensuring IAM governance aligns with business roles and regulatory requirements. They will also collaborate with other departments to integrate IAM governance into broader cybersecurity practices.