Product Security Architect
Role details
Job location
Tech stack
Job description
We are looking for a Product Security Architect to lead the design and implementation of secure architectures across our products, including Materialise Mimics Flow - a cloud-based platform operating in a regulated medical device environment. This role ensures that security is embedded throughout the entire product lifecycle, from initial concept and design through development, deployment, and maintenance., Our platform leverages a cloud-native architecture on AWS, with an increasing adoption of containerized workloads orchestrated by Kubernetes and supported by DevOps practices. We are actively progressing the migration of legacy applications and further strengthening our operational and architectural foundations to improve scalability, reliability, and maintainability over time. The platform processes sensitive medical data and operates under strict regulatory requirements, requiring compliance with recognized cybersecurity standards and medical device regulations. You will work closely with engineering, product, and DevOps teams to proactively identify risks, define security requirements, and implement best practices that protect our systems, data, and users. You will also play a key role in supporting audits and regulatory processes, contributing to required documentation, and ensuring that security controls are clearly defined, effectively implemented, and fully traceable. What you will do
Secure architecture design
- Define and review secure system architectures for applications, services, and platforms
- Design and guide the implementation of:
- Identity and access management (SSO, OIDC, SAML, authorization models)
- Tenant isolation and access control
- Data protection and privacy-by-design (encryption, key management, PII handling)
- Secrets management and network segmentation
- Logging, monitoring, and auditability aligned with compliance requirements
- Secure CI/CD and software supply chain practices
Threat modeling and risk assessment
- Conduct threat modeling sessions and train the teams to identify potential vulnerabilities early
- Perform risk assessments and recommend mitigation strategies
Security integration in development
- Embed security practices into SDLC (Secure SDLC)
- Guide teams on secure coding standards and design patterns
- Support the adoption of SAST, DAST, SCA, and other security tools
Engineering collaboration
- Partner with engineering and product teams to ensure security requirements are clear and actionable
- Participate in design reviews and architecture discussions
Compliance and standards
- Ensure adherence to applicable standards (e.g., ISO 27001) and regulations (e.g., GDPR, data protection laws)
- Contribute to internal security policies and guidelines
- Align product security initiatives with the broader organizational security roadmap
Vulnerability management and incident support
- Support vulnerability remediation and coordinate with teams on fixes
- Assist in security incident analysis and response
Security strategy and roadmap
- Define and drive a product security roadmap aligned with business goals
- Promote a security-first culture across teams
Requirements
Do you have experience in System architecture?, * 8+ years of experience in software engineering, system architecture, or application security, including hands-on work in cloud or distributed systems
- Experience leading architecture reviews and driving security decisions across teams
- Experience designing and implementing security controls (e.g., IAM, encryption, secrets management, network segmentation) in production environments
Technical skills
- Strong understanding of security principles (authentication, authorization, cryptography, secure APIs)
- Conducted threat modeling using STRIDE, mapped threats to CAPEC and CWE, and applied CVSS scoring to prioritize remediation efforts
- Familiarity with security tools (SAST, DAST, SCA, container security, etc.)
- Knowledge of cloud security (AWS, Azure, or GCP)
Standards and frameworks
- Strong stakeholder management skills, with the ability to influence engineering, product, and leadership without direct authority
- Analytical thinking and problem-solving mindset
- Comfortable communicating security risks, decisions, and strategy to senior leadership
Will be a plus
- Security certifications (e.g., CISSP, CISM, CSSLP)
- Experience with medical device cybersecurity standards (e.g., IEC81001-5-1, MDCG 2019-16, section 524B(b)(2) of the FDA act)
- Experience with DevSecOps practices and CI/CD integration
- Background in regulated industries (e.g., healthcare, finance)
- Experience with penetration testing, When creating a better and healthier world, a good place to start is with yourself. That's why we encourage our employees to prioritize their overall well-being, fostering physical fitness, mental resilience, and social connections through a range of workshops, sports activities, and other events and initiatives that contribute to a balanced and fulfilling work-life harmony.
Benefits & conditions
Pulled from the full job description
- On-site gym
- Company events