Security Architect

Join Keystone Solutions as a consultant for a client-facing mission focused on the role of CISO Security Architect – OT Expert. As a Keystone Solutions consultant, you will work closely with the client to provide guidance and detailed insights into potential cyber-attacks and risks through a holistic view aligned with enterprise architecture methodology, principles, guardrails, and standards. You will help the client prevent and mitigate cyber and information security risks in the digital transformation of its mission-critical and commercial functions. Security architects play a critical role in protecting digital assets by ensuring that security measures are integrated into the IT architecture. All responsibilities and criteria outlined below will be performed under Keystone Solutions' consultancy model at the client site or in a hybrid setup as needed.

• →Design and Development:
  • →Develop and implement security policies, protocols, and procedures.
  • →Design secure network solutions and architectures to protect against cyber threats, in line with enterprise architecture methodology, principles, guardrails, and standards.
  • →Support other architects to ensure security controls are embedded in system designs and architecture.
• →Risk Assessment and Management:
  • →Review architecture proposals and provide feedback on residual risks to project managers and lead architects.
  • →Participate in architecture councils and autonomously decide whether or not to allow a project to pass the gate in the development lifecycle.
  • →Conduct security risk assessments and oversee the execution of penetration tests to identify vulnerabilities.
  • →Develop risk mitigation strategies and recommend appropriate security controls.
  • →Monitor and evaluate emerging threats to adjust security strategies accordingly.
  • →Report existing vulnerabilities to the GRC Risk Team for proper registration in the risk register and risk reporting to the client's Risk Office.
• →Compliance and Standards:
  • →Understand and provide guidance for compliance with relevant security standards (e.g., ISO 27001, NIST).
  • →Develop and enforce security policies and standards across the organization, reporting to the CISO Management.
  • →Work with regulatory bodies to ensure understanding of and adherence to legal and compliance requirements.
• →Collaboration and Communication:
  • →Collaborate with IT and business units to integrate security requirements into all aspects of IT projects.
  • →Work with IT teams, compliance officers, risk management, and other stakeholders to ensure security objectives are met.
  • →Communicate security requirements and recommendations to both technical and non-technical audiences:
  • →Communicate security risks and solutions to management and stakeholders.
  • →Provide guidance and training to IT staff on security best practices and policies.
• →Incident Response:
  • →Support the response to security incidents and breaches.
  • →Conduct investigations and post-incident analysis.
  • →Propose action plans for timely resolution of security issues and implementation of corrective measures.
• →Technology Evaluation:
  • →Evaluate and recommend security products and technologies.
  • →Stay up to date with emerging security technologies and industry trends.
  • →Oversee the deployment and configuration of security systems and tools.
  • →Evaluate and select security technologies and tools that meet the organization's needs.
• →Threat Modeling:
  • →Create and implement a threat modeling methodology to further improve the existing risk management process.
  • →Perform threat modeling for new and existing solutions across the IT landscape.
  • →Provide advice during the design phase of projects on security requirements.
• →CISO Capabilities, Services, and Process Mapping:
  • →Support the CISO management team with the creation, implementation, and maintenance of CISO capabilities, services, and processes.
  • →Help define and prioritize security initiatives and projects.

• Masters in Cybersecurity, Computer Science, Mathematics, Physics or Engineering
• Minimum 10 years of experience in the Cybersecurity Domain of which minimum 3 in critical infrastructure or defense
• Minimum of 3 years of experience in OT within complex hybrid environments (IT, OT, IoT, Cloud, ERP)
• Proficiency C1 in English and Proficiency C1 in either French or Dutch.
• Trained in either ISO27001 Lead Auditor, IEC62443 or NIS2 Cyber Fundamentals
• Mandatory reference attached to the CV of previous employer in critical infrastructure or defense
• Willingness to come work on-site when needed

• Proven Track Record of developing and maintaining security processes, policies, and standards that align with business objectives and applicable regulatory frameworks, including European Union and Belgian laws, as well as ISO 27001, IEC 62443, and the NIST SP series.
• Proven Track Record of Experience in designing and implementing security architecture across network, application, data (network, SAP, ICAM, Authentication and authorization protocols, PKI, XDR, SIEM, Monitoring, auditing, AI, Cloud)
• Proven Track Record of Expertise in risk assessment and gap analysis
• Proven Track Record in large-scale security projects or industry-specific implementations
• Proven Track Record of Experience in excellent communication, synthesis, and simplification skills.
• Proven Track Record of interacting with diverse stakeholders (technical teams, business units, executive management).
• Proven Track Record of Experience in structured, critical, and solution-oriented mindset, capable of challenging and proposing improvements.
• Proven Track Record of Autonomy, rigor, strong sense of priorities, and change management skills.

• This is a consultancy mission at the client, delivered by Keystone Solutions. You will operate as a Keystone Solutions consultant, primarily on-site at the client location as needed, engaging with stakeholders across IT, OT, and business functions to deliver the responsibilities listed above.
• You will collaborate closely with client leadership, architecture councils, CISO Management, GRC teams, and regulatory stakeholders while adhering to the client's enterprise architecture methodology, principles, guardrails, and standards.

• Engage across diverse initiatives within complex hybrid environments (IT, OT, IoT, Cloud, ERP), contributing to secure architectures, risk management, compliance alignment, and incident response for mission-critical and commercial functions.

• Broaden your exposure to enterprise-grade security practices including ISO 27001, IEC 62443, NIST SP series, PKI, XDR, SIEM, monitoring, auditing, and cloud security while working alongside experienced client and Keystone Solutions teams.

• Accelerate your growth by tackling end-to-end security architecture challenges, participating in architecture councils, influencing go/no-go gates, and shaping CISO capabilities, services, and processes across client engagements.

• Bring a structured, critical, and solution-oriented mindset, autonomy, rigor, and a strong sense of priorities to every client engagement.
• Champion collaboration with technical teams, business units, and executive management, and communicate complex security topics with clarity and impact.

• Consultancy-based with on-site presence at the client as needed, complemented by remote collaboration based on project requirements.

If you are ready to tackle technical and strategic challenges in a dynamic consultancy environment, apply today at Keystone Solutions Career Portal.