Fincons Group is an IT business consulting company that has been designing the digital future of leading companies on international markets for 40 years. Fincons Group built its reputation on foreseeing and interpreting new business models and the rapid evolution of IT systems by building a complete range of services: from research and consulting to design and development, from system integration of leading vendor software solutions right up to application management, supporting clients step by step along their digital transformation journey. Fincons is a multinational with over 2,600 people and several offices worldwide (in Italy, Switzerland, Germany, France, the United Kingdom, Belgium and the USA), but above all a Family Company where the founders play a strategic role with commitment and passion, grounding the company in the same principles of a united and caring family.
We firmly believe in the value of cooperation and in the contribution that every idea and intuition can bring. We believe that everyone’s effort can make a difference. Transforming knowledge into a strategic resource is our company mission, and we pursue it with the help of our most strategic asset: our people.
Fincons is looking for an IT SECURITY MANAGER
Tasks
This role focuses on coordinating high-level information security initiatives by acting as a technical facilitator between stakeholders and contractors to ensure all project goals align with established security policies. Key tasks involve translating complex security requirements into actionable technical specifications, overseeing the quality and compliance of contractor deliverables, and proposing technical solutions for firewalls and identity management. Additionally, the position entails managing risk through rigorous audits (ISO 2700x/COBIT), analyzing security assessments to prevent incidents, and providing strategic guidance on business continuity, disaster recovery, and the overall security management framework.
Required Knowledge & Experience
* Security Assessment & Penetration Testing: Expert in auditing complex systems and conducting penetration tests based on OWASP Top 10 and secure coding standards.
* Risk Management & Governance: Proficient in implementing frameworks like ISO 2700x and COBIT, building risk assessments to EC standards, and ensuring compliance with data privacy laws (GDPR).
* Network Security & Technical Oversight: Deep understanding of TCP/IP and network protocols to monitor and approve corporate firewall rules and WAN connections.
* Audit Lifecycle Management: Extensive experience in executing IT audits—specifically in highly regulated sectors (Finance/Banking)—and rigorously tracking the implementation of audit recommendations.
* Leadership & Contractor Management: Proven ability to lead security teams, manage specialized IT security contractors, and enforce Service Level Agreements (SLAs).
* Project & Continuity Planning: Experienced in designing BCP/DRP dashboards, managing IT projects (ideally in Customs/Taxation), and integrating security within the SDLC.
* Strategic Assets: Strong background in technical writing, ITIL, and specialized certifications like CGEIT or CGRC.
Specific Expertise
* Security Management & Incident Handling: Proven experience in complex organizations with outsourced services, including at least 3 years of hands-on IT security incident response.
* Technical Security Solutions: Expert knowledge of the full security stack, including SIEM, Firewalls, IPS/IDS, WAFs, and Endpoint Protection (EDR).
* Identity, Access & Cryptography: Advanced proficiency in IAM and secrets management tools (e.g., HashiCorp Vault, Cisco ISE) alongside strong cryptographic and network security skills.
* Security Operations & Risk Management: Deep expertise in monitoring, vulnerability management, and mitigating risks for systems in production.
English (C1) required
Office: Brussels
Modality of work: hybrid
Our personnel search is addressed to candidates of all genders.
The data will be processed and stored exclusively for the purposes of this or future selections, in compliance with the Federal Data Protection Law (LPD) and guaranteeing the rights referred to in art. 13 Legislative Decree 196/03 and EU regulation 679/2016 (GDPR).