Security application engineer
Entity: Daikin Europe HQ Job Category: Information Technology Solutions Location:
Ghent, East Flanders, BE
Job Requisition ID: 2943
About the role
As a Security Application Engineer, you will play a key role in embedding security, compliance, and reliability into our IoT cloud applications across their full lifecycle. You combine hands-on security engineering with process ownership and regulatory awareness, ensuring our solutions are secure by design, operationally reliable, and compliant with European regulations such as the Cyber Resilience Act (CRA) and NIS2. You will collaborate closely with development teams, architects, and stakeholders to strengthen the security posture of our cloud ecosystem and support continuous improvement initiatives.
Your responsibilities
You will contribute to both security engineering activities and process & compliance ownership:
Security engineering
1. Perform security design reviews and threat modeling (in cooperation with our suppliers) for new features and system changes
2. Identify, assess, and mitigate vulnerabilities in:
3. Cloud services and infrastructure
4. APIs and integrations
5. Device–cloud communication
6. Supporting tooling, CI/CD pipelines, and development environments
7. Translate security requirements into practical and implementable technical controls together with development teams
8. Organise and follow up on penetration testing activities, ensuring findings are properly remediated
Processes and governance
9. Define, implement, and continuously improve security-related processes and procedures, including:
10. Vulnerability management and disclosure
11. Secure software update and patch management
12. Security documentation and evidence collection
13. Support audits, internal assessments, ,and regulatory compliance activities (e.g. CRA, NIS2)
14. Contribute to security awareness and best practices within engineering teams
Operational support
15. Support the daily operations of our IoT cloud applications, including:
16. Incident follow-up and root cause analysis
17. Responding to service-related questions
18. Supporting reliability and service continuity initiatives
19. Participate in an on-call/standby rotation (future scope)
Your profile
Experience & knowledge
20. Bachelor’s or Master’s degree in Computer Science, Engineering, or equivalent experience
21. Experience in application and/or cloud security (preferably in an IoT or distributed system context)
22. Good understanding of:
23. Web and API security (e.g. OWASP Top 10)
24. Authentication and authorization mechanisms (OAuth2, OpenID Connect, JWT, etc.)
25. Familiarity with cloud platforms (e.g. AWS, Azure, or GCP) and their security services
26. Experience with secure software development practices and DevSecOps concepts
Nice to have
27. Experience with IoT architectures and device–cloud interactions
28. Knowledge of European regulatory frameworks (CRA, RED-DA, NIS2)
29. Experience with penetration testing coordination or interpreting pentest reports
30. Familiarity with standards such as ISO 27001, or similar
31. Experience with risk-based frameworks (e.g. CIS controls)
32. Experience with monitoring, logging, and incident response in cloud environments
Soft skills
33. Strong analytical mindset and problem-solving skills
34. Ability to translate abstract security requirements into practical solutions
35. Good communication skills and ability to work with cross-functional teams
36. Proactive attitude with a focus on continuous improvement
Our offer
This challenging position offers you growth opportunities at the European headquarters of global leading company. We offer a permanent contract for an indefinite period. From the start you can count on thorough training and intensive support. Your competitive salary is supplemented with an attractive package of fringe benefits.
Hybrid: You will have the possibility to work from home 2 days per week.
Location: Tech Lane Ghent Science Park