Security & Compliance Architect – Privileged Access Management

About the role

We are seeking a Security & Compliance Architect to lead the design and implementation of Privileged Access Management (PAM) solutions for a European public institution in Luxembourg. The role combines deep cybersecurity expertise with cloud security and compliance knowledge to protect critical information systems.

Key responsibilities

• Lead compliance initiatives to align information systems with CMMI, ISO and industry best practices.
• Design, prototype, implement and maintain secure cybersecurity and cloud security architectures.
• Manage and enhance PAM, SAM and CAMS solutions (PrivX, Luna, Ciphertrust, Hashicorp Vault) ensuring scalability and operational efficiency.
• Oversee vulnerability management, continuous monitoring and remediation across hybrid and multi‑cloud environments.
• Collaborate with technical teams, operational leaders and senior stakeholders to align security with business objectives.
• Conduct audits, produce compliance and performance reports, and drive continuous improvement.
• Provide technical guidance, mentoring and training on cybersecurity, compliance and cloud security best practices.

Required profile

• 8+ years of cybersecurity experience, including at least 3 years as an architect.
• Bachelor's or Master's degree in Computer Science or related field.
• Hands‑on experience with PAM/SAM/CAMS solutions (PrivX, Luna, Ciphertrust, Hashicorp Vault) and strong expertise in Hashicorp Vault.
• Good understanding of network security, authentication/authorization protocols, OWASP Top 10 and PKI.
• Solid knowledge of DevSecOps, API architectures and full‑stack infrastructure (Windows, Linux, Unix, WAN/LAN).
• Familiarity with CMMI, ISO 9001 and advanced certifications such as CISSP, CISM.
• Proven expertise in AWS security solutions or equivalent cloud security certification.

Required skills

• PrivX
• Luna
• Ciphertrust
• Hashicorp Vault
• AWS security
• OWASP Top 10
• PKI
• DevSecOps
• API architectures
• Windows, Linux, Unix
• WAN/LAN networking
• CMMI
• ISO 9001
• CISSP
• CISM

What we offer

• Flexibility to work as a full‑time employee or freelancer with attractive conditions.
• Remote work setup.
• Additional perks for full‑time employees.