Product Security Architect - #49997

LEUVEN, BELGIUM

IT & SECURITY

HYBRID

FULL-TIME

ENGLISH CV

We are looking for a Product Security Architect to lead the design and implementation of secure architectures across our products, including Materialise Mimics Flow — a cloud-based platform operating in a regulated medical device environment. This role ensures that security is embedded throughout the entire product lifecycle, from initial concept and design through development, deployment, and maintenance

Job description

Our platform leverages a cloud-native architecture on AWS, with an increasing adoption of containerized workloads orchestrated by Kubernetes and supported by DevOps practices. We are actively progressing the migration of legacy applications and further strengthening our operational and architectural foundations to improve scalability, reliability, and maintainability over time. The platform processes sensitive medical data and operates under strict regulatory requirements, requiring compliance with recognized cybersecurity standards and medical device regulations. You will work closely with engineering, product, and DevOps teams to proactively identify risks, define security requirements, and implement best practices that protect our systems, data, and users. You will also play a key role in supporting audits and regulatory processes, contributing to required documentation, and ensuring that security controls are clearly defined, effectively implemented, and fully traceable What you will do

Secure architecture design

• Define and review secure system architectures for applications, services, and platforms
• Design and guide the implementation of:
  • Identity and access management (SSO, OIDC, SAML, authorization models)
  • Tenant isolation and access control
  • Data protection and privacy-by-design (encryption, key management, PII handling)
  • Secrets management and network segmentation
  • Logging, monitoring, and auditability aligned with compliance requirements
  • Secure CI/CD and software supply chain practices

Threat modeling and risk assessment

• Conduct threat modeling sessions and train the teams to identify potential vulnerabilities early
• Perform risk assessments and recommend mitigation strategies

Security integration in development

• Embed security practices into SDLC (Secure SDLC)
• Guide teams on secure coding standards and design patterns
• Support the adoption of SAST, DAST, SCA, and other security tools

Engineering collaboration

• Partner with engineering and product teams to ensure security requirements are clear and actionable
• Participate in design reviews and architecture discussions

Compliance and standards

• Ensure adherence to applicable standards (e.g., ISO 27001) and regulations (e.g., GDPR, data protection laws)
• Contribute to internal security policies and guidelines
• Align product security initiatives with the broader organizational security roadmap

Vulnerability management and incident support

• Support vulnerability remediation and coordinate with teams on fixes
• Assist in security incident analysis and response

Security strategy and roadmap

• Define and drive a product security roadmap aligned with business goals
• Promote a security-first culture across teams

Your profile

• 8+ years of experience in software engineering, system architecture, or application security, including hands-on work in cloud or distributed systems
• Experience leading architecture reviews and driving security decisions across teams
• Experience designing and implementing security controls (e.g., IAM, encryption, secrets management, network segmentation) in production environments

Technical skills

• Strong understanding of security principles (authentication, authorization, cryptography, secure APIs)
• Conducted threat modeling using STRIDE, mapped threats to CAPEC and CWE, and applied CVSS scoring to prioritize remediation efforts
• Familiarity with security tools (SAST, DAST, SCA, container security, etc.)
• Knowledge of cloud security (AWS, Azure, or GCP)

Standards and frameworks

• Strong stakeholder management skills, with the ability to influence engineering, product, and leadership without direct authority
• Analytical thinking and problem-solving mindset
• Comfortable communicating security risks, decisions, and strategy to senior leadership

Will be a plus

• Security certifications (e.g., CISSP, CISM, CSSLP)
• Experience with medical device cybersecurity standards (e.g., IEC81001-5-1, MDCG 2019-16, section 524B(b)(2) of the FDA act)
• Experience with DevSecOps practices and CI/CD integration
• Background in regulated industries (e.g., healthcare, finance)
• Experience with penetration testing

What we offer

Healthy life-work balance When creating a better and healthier world, a good place to start is with yourself. That's why we encourage our employees to prioritize their overall well-being, fostering physical fitness, mental resilience, and social connections through a range of workshops, sports activities, and other events and initiatives that contribute to a balanced and fulfilling work-life harmony Hybrid working & flexibility Personal growth and career advancement Team building Innovation is key Location and type of contract

• Leuven, Belgium
• Full-time
• Hybrid
• Mid-senior level
• CV in English

Working at Materialise

Materialise is a dynamic, international high-tech company, founded in 1990 and headquartered in Belgium, with over 2,300 employees worldwide. Materialise’s mission is to innovate for a better and healthier world through its software and hardware infrastructure and in-depth knowledge of additive manufacturing (also known as 3D printing). Our customers are in diverse industries, such as automotive, aerospace, medical, research, and academia.

As a growing company, Materialise is always looking for enthusiastic professionals who want to work in an environment full of revolutionary technology and surrounded by people passionate about their work