Application & Platform Security Architect

The Software & Services (SAS) Competence Centre is looking for a Application & Platform Security Architect to help shape the secure and sustainable digitalization of VITO. As our software landscape continues to grow, cybersecurity expectations in research and innovation projects increase, and regulations such as NIS2 become more important, we are looking for an expert who can develop an organization-wide architectural vision and translate it into practical guidelines, standards, and improvement initiatives. You will help research software evolve from prototypes into reliable operational solutions and support teams in integrating security, compliance, and best practices from the very start of their developments.

You will join a multidisciplinary team of around 30 software engineers, DevOps specialists, analysts, and project managers with a strong affinity for scientific research. Together, we bridge the gap between research and impact by developing digital solutions that make scientific insights accessible to industry, policymakers, and society.

Our expertise spans three main domains: application development, supporting researchers in building high-quality software, and providing scalable research platforms such as Kubernetes, cloud, and HPC environments. We combine software engineering, AI-assisted development, DevOps, cybersecurity, and data infrastructure to accelerate the transition from research to reliable operational solutions.

Within SAS, you will have the opportunity to work on challenges with real societal impact, collaborate with leading researchers, and contribute to an organization-wide culture of software engineering and innovation.

What will you do?

You will work closely with researchers, software engineers, DevOps specialists, and project teams to embed security by design into our digital solutions.

Your responsibilities include:

• Assessing the current security posture of VITO’s internally developed applications and defining a phased roadmap towards NIS2 compliance.

• Defining, implementing, and maintaining security standards, architectural guidelines, and software development best practices across the organization.

• Developing policy frameworks, guidelines, and reusable building blocks to integrate cybersecurity into research proposals and innovation projects from the outset.

• Reviewing application architectures and development processes across a diverse software landscape, and identifying improvement opportunities related to security, quality, maintainability, and operational maturity.

• Supporting and coaching development teams in adopting secure coding principles, modern CI/CD practices, and scalable architectural patterns.

• Promoting a consistent and future-oriented software engineering approach in which security, compliance, and quality are built in by default.

• Acting as a bridge between IT, software development, and research, ensuring that innovative solutions can safely evolve from prototypes into operational services.

In this role, you will have the opportunity to make an organization-wide impact on how digital solutions are designed, developed, and operated within a leading research organization.

• A Master's degree in Computer Science, Cybersecurity, Software Engineering, or equivalent experience.

• At least 5 years of experience in software architecture, security architecture, application security, or a related field.

• Strong understanding of secure software development practices, application security principles, and modern software architectures.

• Experience with cloud-native technologies, container platforms (e.g. Kubernetes), CI/CD pipelines, and DevSecOps practices.

• Familiarity with cybersecurity frameworks, standards, and regulations such as NIS2, ISO 27001, OWASP, or similar.

• Experience conducting architecture reviews, risk assessments, and translating security requirements into practical guidance for development teams.

• The ability to balance security, usability, innovation, and operational realities in a research-driven environment.

• Strong communication and stakeholder management skills, enabling you to collaborate effectively with researchers, developers, IT teams, and management.

• A proactive mindset with the ability to drive change and build consensus across diverse teams.

• Excellent English communication skills, both written and spoken. Knowledge of Dutch is considered an asset.

Nice to have

• Experience in research, innovation, or R&D-driven environments.

• Knowledge of AI/ML platforms, data-intensive applications, or scientific software development.

• Relevant certifications such as CISSP, CCSP, SABSA, TOGAF, Azure Security Engineer, or similar.

• Experience establishing security governance, secure development frameworks, or organization-wide security improvement programs.

Offer

• We operate in an activity‑based way, meaning your work activities guide where you work. Our headquarter is located in Mol, and we anticipate an average onsite presence of about 50%. We also support flexibility: parttime remote work or working from one of our satellite offices in Antwerp‑Berchem, Genk, Ghent, Leuven, Kortrijk or Ostend is possible.

• A competitive salary with a range of benefits, including allowances, insurance, and a modular package of holidays.

• Innovation is our asset, so it goes without saying that we give our employees the opportunity to take additional training courses and stay up-to-date in their field. You will always have the opportunity to broaden your knowledge and discover new technologies.

• You will have the opportunity to be part of an organization with an international reputation, known for its cutting-edge technological research and scientific consultancy.

• With us, you will contribute directly to sustainable developments at a local, national and global level through your innovative applications. You provide answers to contemporary societal challenges.

• Moreover, we highly value a good work-life balance at VITO! This is achieved by adopting a flexible attitude depending on your specific needs.