Brainbox Consulting BV aligning great talent with clients’ needs is at the core of who we are. We are passionate about our Consultants, our Clients, and our Partners. Our rich IT legacy combined with our unyielding care for our people and business is the driving force behind all we do, and we deliver! On this journey, we are looking for a Senior Security Architect who is also interested to take on a wide range of activities.

Description:
Senior Security Architect
Lead and support product and information security for (IoT) products, apps, and cloud services

Responsibilities:

• Lead and support the realization of product security deliverables during the development of medical and consumer (IoT) products, apps, and cloud-based services. This includes security and privacy by design, threat modeling, risk management, and verification activities, confirm the Quality Management System, and engagement with both business and corporate stakeholders.
• Support the deployment, maintenance, and improvement of organizational information security policies and controls, including preparation for and follow-up on internal and external audits.
• Contribute to the continuous improvement of security policies, procedures, and frameworks across both product security and organizational information security, applying up-to-date knowledge of cybersecurity threats, standards, and guidance.
• Foster strong (cross-functional) collaboration with peers to align on initiatives, drive adoption, and ensure integrated security across domains.

Education:

Bachelor’s/ Master’s Degree in Computer Science, Information technology, Cybersecurity, Electrical/Electronic Engineering, Information Security or equivalent.

Requirements

• 10-15+ years of experience in security architecture or engineering roles, with at least 5 years focused on product, app, and cloud security for complex systems, involving embedded software, electronics, cloud services, and wireless standards (e.g. BLE, 4G/5G, Wi-Fi, NFC). Experience in healthcare or regulated environments is a strong plus.
• Expertise in threat modeling, security architecture, risk management, cryptography.
• Familiarity with secure software practices (e.g. secure boot, OTA, SBOM). Hands-on experience with relevant standards and frameworks such as ISO/IEC 27001, NIST CSF, IEC 62443, OWASP, and ideally IEC 62304, ISO 14971, or EU/FDA cybersecurity and guidance for medical devices and privacy regulations.
• Bachelor’s or Master’s degree in Computer Science, Electrical/Software Engineering, or related technical field. Preferred certifications include CISSP, CSSLP, HCISPP, CEH, and ISO 27001 Lead Implementer.
• Strong communicator with the ability to engage with both technical and non-technical stakeholders across R&D, IT, and corporate functions.
• Proven ability to lead security initiatives, coach teams, and translate technical security risks into requirements. Comfortable working in global, cross-functional, and multicultural environments.