CISO Security Architect / OT Expert

Location: Brussels + Remote

Languages: Dutch and/or French + English

Start Date: 13/07/26

End Date: 31/05/28

Objective:

Provide guidance and detailed insights into potential cyber-attacks and risks through a holistic view aligned with enterprise architecture methodology, principles, guardrails, and standards. The role aims to help prevent and mitigate cyber and information security risks in the digital transformation of mission-critical and commercial functions. Security architects play a critical role in protecting digital assets by ensuring that security measures are integrated into the IT architecture.

Main Activities and Responsibilities:

Design and Development:

• Develop and implement security policies, protocols, and procedures.
• Design secure network solutions and architectures to protect against cyber threats.
• Support other architects to ensure security controls are embedded in system designs and architecture.

Risk Assessment and Management:

• Review architecture proposals and provide feedback on residual risks.
• Participate in architecture councils and decide on project progression in the development lifecycle.
• Conduct security risk assessments and oversee penetration tests.
• Develop risk mitigation strategies and recommend security controls.
• Monitor emerging threats and adjust security strategies.
• Report vulnerabilities to the GRC Risk Team for registration and reporting.

Compliance and Standards:

• Provide guidance for compliance with security standards (e.g., ISO 27001, NIST).
• Develop and enforce security policies and standards.
• Work with regulatory bodies to ensure legal and compliance adherence.

Collaboration and Communication:

• Collaborate with IT and business units to integrate security requirements.
• Work with IT teams, compliance officers, and stakeholders to meet security objectives.
• Communicate security risks and solutions to management and stakeholders.
• Provide guidance and training to IT staff on security best practices.

Incident Response:

• Support the response to security incidents and breaches.
• Conduct investigations and post-incident analysis.
• Propose action plans for resolving security issues.

Technology Evaluation:

• Evaluate and recommend security products and technologies.
• Stay updated with emerging security technologies and trends.
• Oversee the deployment and configuration of security systems and tools.

Threat Modeling:

• Create and implement a threat modeling methodology.
• Perform threat modeling for new and existing solutions.
• Advise on security requirements during project design phases.

CISO Capabilities, Services, and Process Mapping:

• Support the CISO management team with capabilities, services, and processes.
• Help define and prioritize security initiatives and projects.

Conformity Criteria:

• Master's in Cybersecurity, Computer Science, Mathematics, Physics, or Engineering.

• Minimum 10 years of experience in Cybersecurity, with at least 3 years in critical infrastructure or defense.
• Minimum 3 years of experience in OT within complex hybrid environments (IT, OT, IoT, Cloud, ERP).
• Proficiency C1 in English and C1 in either French or Dutch.
• Trained in ISO27001 Lead Auditor, IEC62443, or NIS2 Cyber Fundamentals.
• Mandatory reference from a previous employer in critical infrastructure or defense.

Evaluation Criteria:

• Proven track record of developing and maintaining security processes, policies, and standards.

• Experience in designing and implementing security architecture across various domains.
• Expertise in risk assessment and gap analysis.
• Experience in large-scale security projects or industry-specific implementations.
• Excellent communication, synthesis, and simplification skills.
• Experience interacting with diverse stakeholders.
• Structured, critical, and solution-oriented mindset.
• Autonomy, rigor, strong sense of priorities, and change management skills.