For our client in the public transport sector, we are looking for a Security Architect to join a large transformation programme covering IT, OT, Cloud, IAM and SAP security domains.
You will work cross-functionally with enterprise architects, security engineering, IAM, network, cloud, vendors, and project teams to design, validate and improve the security architecture across the organisation.
Responsibilities
* Define, document and maintain security architecture principles, patterns, and reference architectures
* Support IT & OT teams with secure design of new solutions (on-prem, cloud, hybrid)
* Evaluate solution architectures and ensure alignment with NIS2, ISO27001, IEC 62443, Cloud Security best practices
* Contribute to and validate security design for SAP, IAM/ICAM, PKI, Network Segmentation, XDR/SIEM, Zero Trust
* Collaborate with enterprise architects to integrate security into the target architecture
* Provide threat modelling, security risk analysis and mitigation recommendations
* Validate third-party designs, integration patterns, and architectural compliance
* Produce high-quality documentation and security architecture blueprints
* Act as a security SME for infrastructure, cloud, network, OT and application teams
* Follow architecture governance and contribute to security roadmaps and standards
* Support incident response from an architectural perspective when needed
Required Technical Skills
* Solid experience as Security Architect (IT and/or OT)
* Strong knowledge of:
* Network & Cloud security architecture (AWS/Azure)
* IAM / ICAM / IGA / PAM
* PKI, Certificates, Cryptography
* SIEM/XDR, monitoring, vulnerability mgmt
* Zero Trust, segmentation, firewalling
* Secure SDLC / DevSecOps
* Experience with modelling tools (Archimate, UML, Visio, Sparx EA) is a plus
* Knowledge of SAP security is an advantage
* Experience with industrial or OT environments (IEC 62443) is a strong plus
Soft Skills
* Strong analytical mindset and structured approach
* Ability to challenge designs and stakeholders diplomatically
* Excellent communication skills (documentation + presentation)
* Ability to work in large, complex organisations
* Proactive, autonomous, and solution-oriented
Certifications (plus, not mandatory)
* CISSP, CCSP, CISM
* SABSA, TOGAF
* ISO 27001 Lead Implementer or Lead Auditor
* Azure/AWS Security Certifications
Languages
* English (fluent)
* French or Dutch is a plus
Location & Contract
* Brussels – Hybrid (2–3 days on-site)
* Long-term mission
* Freelance