Job Enterprise Cybersecurity Architect @ Equans nou

EQUANS is the French leader in multi-technical services and a wholly owned subsidiary of the Bouygues Group, a 19. 2 billion $ company.

Internationally, EQUANS operates in 40 countries with approximately 90, 000 employees worldwide. In France, the company serves a wide range of sectors including defence & marine, transport infrastructure, energy infrastructure, healthcare, industry, smart buildings and connected territories.

EQUANS has built a mature, group-wide cybersecurity governance aligned with ISO 27001: 2022, ANSSI directives (including the Loi de Programmation Militaire), NIS2, GDPR, and the IEC 62443 standard for operational technology. The Cybersecurity Department operates 5 specialist units: Governance Risk & Compliance, Security Operations, Security Project Office, Digital Resiliency and Cyber Customer Trust.

Role overview:

The Enterprise CyberSecurity Architect is a key strategic position within the EQUANS Cybersecurity Department, reporting directly to the CISO. The role sits at the intersection of enterprise architecture and cybersecurity, responsible for setting the global cybersecurity architecture trajectory of EQUANS France and aligning it with the Group’s security policies and business objectives.

You will define architecture targets, prescribe security standards for Group tools and systems, and work in close collaboration with the Equans Group Cyber Technical Office, the SLS CyberDefense CERT/CSIRT, and the DSI technical teams. Your work will directly influence the security of both CORPORATE IT systems (internal Group infrastructure) and CLIENT IT environments (technology used to deliver services to external clients).

Key responsibilities:

• 1. Enterprise Security Architecture:
• Define and maintain the global cybersecurity architecture roadmap for EQUANS France, aligned with EQUANS Group strategy and the ISO 27001: 2022 / ISO 27002: 2022 frameworks.
• Design and maintain standard architecture principles, patterns, and reference models across network, cloud, identity, and application security domains.
• Establish and enforce security-by-design principles across projects, integrating the ISP (Integration of Security in Projects) approach from inception through delivery.
• Define and maintain security target architectures (Zero Trust, CNAPP, SASE) and lead their progressive deployment within the Group’s infrastructure.
• Conduct architecture reviews (Technical Architecture Files, architecture diagrams) to validate compliance with Group security standards and ANSSI recommendations.
• 2. Standards, guidelines & security catalogue:
• Define cybersecurity guidelines, policies, and technical standards related to EQUANS France’s service offerings and internal information systems.
• Design, maintain, and evolve a catalogue of approved security solutions, products, and partners, ensuring alignment with Group procurement and technology lifecycle policies.
• Contribute to the Group’s Statement of Applicability (SoA) and ensure France-specific regulatory requirements are accurately reflected.
• Ensure architecture standards address all critical domains: access control & identity (IAM/PAM), network segmentation, cloud security (Azure, AWS), vulnerability management, incident detection and data protection.
• 3. Project & business engagement:
• Support and guide the Security Project Office during the Bid, Design, and Acceptance phases of major contracts and transformation projects.
• Act as the security architecture authority for complex infrastructure projects, providing expert guidance to project managers, engineers, and DSI teams.
• Anticipate future business requirements and emerging threat vectors to proactively adjust the architecture roadmap.
• Participate in Change Advisory Board (CAB) reviews to assess security impact of significant IS changes at the Group and entity level.
• 4. Client IT Security (Cyber Customer Trust):
• Provide architecture guidance on CLIENT IT environments, ensuring contractual security requirements (SAPs, ISSP-O policies) are appropriately designed into service delivery.
• Work with the Cyber Customer Trust France programme to assess risk exposure of sensitive client contracts and define appropriate architecture responses.
• Support the FAST Incident Response device (PASSI-qualified, ANSSI-certified) in the event of major incidents impacting CLIENT IT environments.
• 5. Coordination & stakeholder management:
• Coordinate multiple internal stakeholders (DSI departments, business divisions, legal) and external partners in the deployment of cybersecurity solutions and processes.
• Liaise with the Group’s Cyber Technical Office and SLS CyberDefense (SOC/CERT/CSIRT) to maintain alignment with Group-level architecture decisions.
• Participate in security awareness campaigns and contribute to the training of technical teams on architecture best practices.
• Monitor cybersecurity market developments, attack trends, and countermeasures to continuously refine architectural choices.

Required Profile:

Education:

• Engineering degree (Bac+5) or equivalent in Computer Science, Information Systems, Cybersecurity or Telecommunications.

Experience:

• 8+ years of experience in IS security or cybersecurity architecture, ideally within a large corporate DSI or a major consulting/integration firm.
• Proven track record designing and delivering enterprise security architectures at scale, spanning on-premises, cloud (Azure/AWS), and hybrid environments.
• Experience working within structured security governance frameworks.

Technical Skills:

• Deep knowledge of network and cloud infrastructure security architecture.
• Strong understanding of identity and access management (IAM, PAM, SSO, MFA, Active Directory, Azure AD / Entra ID).
• Proficiency in cloud security posture management tools (CNAPP, CSPM) on Azure and/or AWS.
• Familiarity with SIEM, SOC operations and vulnerability management processes.
• Knowledge of secure development lifecycle (DevSecOps, OWASP) and application security.
• Working knowledge of EBIOS RM risk methodology and experience conducting or reviewing risk analyses.

Certifications (Strongly Valued):

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• SABSA (Sherwood Applied Business Security Architecture)
• TOGAF (with security focus) or equivalent enterprise architecture certification
• Cloud security certifications: AWS Security Specialty, Microsoft AZ-500, or CCSP

Soft Skills:

• Strong analytical and synthesis skills; ability to translate complex security requirements into clear architectural decisions.
• Excellent communication skills – able to present security concepts to technical teams and executive stakeholders alike.
• Cross-functional leadership: able to coordinate and influence without direct authority across multiple teams and business units.
• Proactive, curious and up to date with the cybersecurity threat landscape.
• Professional English essential for Group-level interactions.

What We Offer:

• A strategic role with real impact at the heart of organisation undergoing major digital and energy transitions.
• The opportunity to shape enterprise-wide security architecture.
• Collaboration with a mature, expert cybersecurity team and access to Group-level CERT, CSIRT and specialist cyber defence capabilities.
• Hybrid working model based in Bucharest / ONE Cotroceni business park.
• Continuous professional development, access to certifications and participation in industry events.
• Competitive remuneration package in line with market benchmarks for senior security experts.