Role: Enterprise Architect
Location: VASS BRUSSELS
А global digital transformation company with a team of more than 4,900 global players in 26 countries – in Europe, America and Asia, working together to put organizations at the forefront of innovation by bringing together talent, knowledge and technology.
Our approach is based on conscious technology, through which we create positive environments and meaningful opportunities, always in our own way, making the complex simple.
VASS BeNeLux, in partnership with the European Commission, is currently seeking an Expert Enterprise Architect to work from the European Commission.
About the Role
We are looking for an experienced Enterprise Architect to support key IT architecture, cybersecurity, and Agile transformation initiatives within DG TAXUD (Directorate-General for Taxation and Customs Union). You will contribute to the evolution of secure IT systems, DevSecOps practices, and digital shared services, including the implementation and governance of modern cloud and container-based architectures.
This is a highly collaborative, strategic, and hands-on technical role involving cross-functional teams, stakeholders from Member States, and subcontractors.
Key Responsibilities
Project Management & Coordination
Manage full project lifecycles (inception to transition) across multiple initiatives.
Lead or coordinate project teams (internal/external), ensuring alignment with DG TAXUD’s methodologies (e.g., TEMPO, RUP@EC).
Track progress, manage risks, escalate issues, and ensure delivery quality.
Collaborate with stakeholders, including DG TAXUD units, contractors, Member States, and external vendors.
DevSecOps & CI/CD Implementation
Design, implement, and maintain secure DevSecOps pipelines across hybrid environments (AWS, Kubernetes, Tanzu).
Administer and integrate ALM tools (e.g., Jira, Jenkins, Nexus, Bitbucket, SonarQube).
Promote DevSecOps practices and onboard development teams into CI/CD pipelines.
Ensure integration of security into every phase of SDLC (S-SDLC).
IT Security & Compliance
Perform technical security assessments, vulnerability scans, and risk analyses.
Ensure compliance with industry standards (e.g., ISO 27001, NIST, GDPR, HIPAA).
Define and implement security strategies for cloud and on-premise infrastructures.
Translate business/security requirements into technical design and architecture.
Monitor and advise on business continuity, incident response, and disaster recovery.
Architecture & Strategic Advisory
Evaluate technical solutions, participate in architecture governance, and ensure alignment with TAXUD frameworks.
Study the impact of new technologies (COTS/OSS) on TAXUD systems.
Provide guidance on security strategy, policies, and best practices.
Produce and review high-quality documentation (e.g., security plans, technical specs, evaluations).
Key Technologies & Tools
DevSecOps Tools: Jenkins, Git, Bitbucket, Nexus, SonarQube, Fortify, SCA (Sonatype), Confluence
Cloud & Container Platforms: AWS, Kubernetes, Tanzu, Nutanix
Security & Monitoring: Elastic Stack, Dynatrace, Splunk, IDS/IPS, firewalls, IAM, encryption tools
Programming/Scripting: Java (asset), Groovy scripting
Protocols & Architecture: TCP/IP, REST APIs, distributed systems integration
Mandatory Requirements
Education: Bachelor's degree (EQF Level 6 or higher) in Information Security, Cybersecurity, Computer Science, or related field.
Experience:
10+ years in IT
5+ years in IT Security
3+ years in DevSecOps (with Containers & CI/CD integration)
Skills:
Strong knowledge of S-SDLC, Agile, and Lean practices
Ability to create and maintain CI/CD pipelines and monitoring systems
Experience with security assessments, audits, and technical writing
Hands-on with DevSecOps toolchains and cloud/container security
Preferred Qualifications & Certifications
Certifications (any of the following are a plus):
CISSP, CCSP, CISM, CISA, CEH, AWS Security Specialty, CompTIA Security+
ITIL, TOGAF, PM2, Agile certifications
Assets:
Experience in European Commission/DG TAXUD environment
Knowledge of Kafka/Confluent, Elastic Stack, eArchiving (CEF E-ARK)
Familiarity with EC security frameworks and compliance standards