Company Description

Brainbox Consulting BV is an engineering services company delivering high-quality solutions for product companies in the software and systems sectors. Our passion for talent and a strong IT legacy are central to our identity, driving value for clients, consultants, and partners. Alongside engineering services, we provide consulting expertise to align talent with business needs. We are committed to leveraging cutting-edge technologies and industry best practices for sustainable growth. Our vision is to transform product development through exceptional quality, innovation, and a customer-centric approach.

Role Description

Lead and support product and information security for (IoT) products, apps, and cloud services.

This is a full-time on-site role for a Senior Security Architect located in Eindhoven. The Senior Security Architect will be responsible for designing security architectures, ensuring application security, and managing network and information security. Day-to-day tasks include developing security solutions, conducting risk assessments, implementing security controls, and collaborating with cross-functional teams to ensure comprehensive cybersecurity measures are in place.

Responsibilities:

• Lead and support the realization of product security deliverables during the development of medical and consumer (IoT) products, apps, and cloud-based services. This includes security and privacy by design, threat modeling, risk management, and verification activities, confirm the Quality Management System, and engagement with both business and corporate stakeholders.
• Support the deployment, maintenance, and improvement of organizational information security policies and controls, including preparation for and follow-up on internal and external audits.
• Contribute to the continuous improvement of security policies, procedures, and frameworks across both product security and organizational information security, applying up-to-date knowledge of cybersecurity threats, standards, and guidance.
• Foster strong (cross-functional) collaboration with peers to align on initiatives, drive adoption, and ensure integrated security across domains.

Education:

Bachelor’s/ Master’s Degree in Computer Science, Information technology, Cybersecurity, Electrical/Electronic Engineering, Information Security or equivalent.

Requirements

• 10-15+ years of experience in security architecture or engineering roles, with at least 5 years focused on product, app, and cloud security for complex systems, involving embedded software, electronics, cloud services, and wireless standards (e.g. BLE, 4G/5G, Wi-Fi, NFC). Experience in healthcare or regulated environments is a strong plus.
• Expertise in threat modeling, security architecture, risk management, cryptography.
• Familiarity with secure software practices (e.g. secure boot, OTA, SBOM). Hands-on experience with relevant standards and frameworks such as ISO/IEC 27001, NIST CSF, IEC 62443, OWASP, and ideally IEC 62304, ISO 14971, or EU/FDA cybersecurity and guidance for medical devices and privacy regulations.
• Bachelor’s or Master’s degree in Computer Science, Electrical/Software Engineering, or related technical field. Preferred certifications include CISSP, CSSLP, HCISPP, CEH, and ISO 27001 Lead Implementer.
• Strong communicator with the ability to engage with both technical and non-technical stakeholders across R&D, IT, and corporate functions.
• Proven ability to lead security initiatives, coach teams, and translate technical security risks into requirements. Comfortable working in global, cross-functional, and multicultural environments.