Security Architect

 CISO Domain lead Security Architect 

Functieomschrijving 

The Security Architect translates the CISO’s strategic directions into concrete and robust technical solutions. The Security Architect ensures consistency, regulatory compliance (NIS2, GDPR, ISO 27001, IEC 62443…), and the effectiveness of security measures across the entire organization, particularly in the context of critical services and vital infrastructures. 

The Architect contributes to an integrated security architecture covering IT, OT, cloud, and network environments, leveraging Archimate models and functional frameworks such as CyFun and ISO 27001 to ensure traceability and governance of security capabilities, thereby guaranteeing resilience and business continuity. 

MAIN ACTIVITIES 

Security Architecture 

Design, formalize, and evolve the target security architecture, integrating requirements from the early stages of project design (Security by Design, Privacy by Design). 

Define security architecture standards, models, and principles in alignment with the organization’s strategic directions. 

Integrate key security domains (network, cloud, IT/OT/IoT, ICAM, data, cryptography, etc.) into a coherent and modular vision. 

Lead or contribute to security intake processes and architecture committees to ensure alignment of solutions with the target architecture. 

Risk Management 

Perform technical and architectural risk assessments on projects, infrastructures, business applications, support applications, and industrial systems. 

Identify threats, vulnerabilities, and attack scenarios, and recommend appropriate mitigation measures. 

Maintain a consolidated and up-to-date view of risks across various domains, including ERP systems (SAP), IT/OT/IoT environments, the use of Artificial Intelligence, access management, and inter-application data flows. 

Standards, Compliance, and Governance 

Contribute to drafting and updating technical security standards, ensuring their alignment with legal requirements and reference frameworks (CyFun, ISO 27001, IEC 62443, NIST, NIS2, GDPR, etc.). 

Contribute to security governance committees to guide technical decisions. 

Ensure consistency of architectural principles with internal standards and maintain traceability of decisions. 

Participate in coordination with competent authorities when necessary. 

Support and Advisory 

Assist project, IT, OT, and business teams in integrating security requirements, including in complex contexts (SAP integration, IT/OT convergence, cloud solutions, access management). 

Provide support during design phases, solution analysis, or procurement processes (RFI/RFP). 

Ensure the alignment of critical architectural components (ICAM, detection and response solutions, cryptography, etc.) with overall security objectives and the IT roadmap. 

Continuous Improvement, Security and Technology 

Monitor the evolution of threats, technologies, regulations, and governance models, identifying innovation opportunities. 

Propose continuous improvements to strengthen the security posture, including detection and response, logging, resilience, and identity management. 

Promote modeling, reusability, and consistency of architectural components. 

Conformiteitscriteria 

• Higher education in Cybersecurity, Computer Science, Engineering, or a related field, or equivalent through a minimum of 10 years of relevant professional experience in cybersecurity. 

• Minimum of 10 years of professional experience in cybersecurity, including at least 5 years in cybersecurity architecture, enterprise security design, or a comparable senior security advisory role. 

• CISSP certification must have been obtained, demonstrating prior expertise in information security governance. 

• Experience with ADOIT and Archimate modelling. 

• Proven experience in large, complex, multi-stakeholder organisations operating hybrid environments combining IT, cloud, network, and at least one of the following: OT/IoT, industrial systems, or ERP/SAP landscapes. 

• At least 1 year of proven experience within the last 3 years in an organisation subject to NIS2, as well as CyFun essential requirements. 

• Demonstrated experience contributing to or supporting security governance, architecture review boards, technical standards, security intake, and risk-based design authority processes. 

• Proven experience in security architecture covering both preventive and detection/response capabilities, including SIEM, XDR/EDR, monitoring, logging, and forensic readiness. 

• Proven experience in all of the following domains: ICAM (IAM, IGA, PAM, federation, provisioning, physical/logical access management) 

• SAP / ERP security 

• IT/OT or IT/IoT convergence 

• Cloud security 

• Network architecture, segmentation, and Zero Trust 

• Cryptography / PKI / strong authentication 

• Secure use of AI and generative AI 

• Fluent in English, spoken and written, minimum C2 proficiency. 

• Fluent in either French or Dutch, spoken and written, minimum C2 proficiency. 

• The other national language (French or Dutch) at a minimum B2 level. 

• Available on 01-Jul-2026 

Evaluation criteria 

• Familiarity with IEC 62443 is considered an asset. 

• Expérience in Cybersecurity risk assessment based on ISO 27005. 

• Other certifications in cybersecurity is appreciated (ISC2 particularly). 

• Demonstrated ability to translate business, operational, and regulatory requirements into security architecture decisions, standards, and mitigation measures. 

• Strong analytical and synthesis skills, ability to produce clear deliverables, solution-oriented mindset, effective stakeholder management, and a rigorous, risk-based approach. 

• Team spirit and adherence to the motto: “Together, we achieve more.”