Product Security Architect - Cinema

Join Barco as Product Security Architect for the Cinema Business unit. 

As “Product Security Architect” (PSA), you will be part of the “First Line of Barco Cyber Defense” within the Business Unit Cinema and manage technical aspects of product related security & privacy risks, aligned with the corporate strategy managed by the Security Office (second line of defense).

The PSA reports to R&D management. 

You will be in the lead and responsible for information security and privacy aspects for products within the Business Unit on a technical level. As PSA you are the first point of contact for all technical security questions from stakeholder functions like R&D. You are responsible for leading and guiding implementation of product technical security & privacy controls, oversee and guarantee adoption of the secure software development lifecycle process, compliance with applicable regulations and informs the management and Security Office about the progress on these domains. 

You will be located in Kortrijk, Belgium, or alternatively in Liège, Belgium, and interface with an international group of developers based in Belgium, Canada, Germany, China and India. 

Key Responsibilities 

Engineering: 

• Set up and maintain a cyber security roadmap together with the Product Owner. 
• Rationalize the need for technical security controls to engineering teams and system architects.
• Provide security insights and guidance to R&D at both an architectural level and a highly technical level.
• Own and maintain technical and process security controls in the design and development phases, e.g.:
  • Threat modeling
  • Security features refinement
  • Code review process
  • Application security testing (SAST, DAST, …)
  • Vulnerability management (e.g. of open source packages)
  • Vulnerability scanning (tooling and configuration) 

Ecosystem: 

• Organize, follow up and provide support during product penetration tests executed by external partners. 
• Apply incident response management and vulnerability disclosure processes.
• Take ownership for ISO 27001 ISMS/audit product development related subjects.
• Create security whitepapers of the different product lines.
• Be the key contact point for security/privacy related topics during pre-sales phase.
• Stay up to date with latest security/privacy technologies, trends and regulations and translate impact to the business stakeholders.
• Inform BU management and Security Office about the state of security per product. 

Qualifications 

• Master's degree in IT or information security, or equivalent by experience.
• Preferably holder of certifications like GIAC, CISSP, CISM, …
• At least 3 years of experience in information security management with a software development or software testing background.
• Proven experience with leading a heterogeneous group of stakeholders through threat modeling, utilizing STRIDE or other frameworks.
• Experience with management of 3rd party vulnerabilities through analysis of Software Bill of Materials (SBOM). 

Technical knowledge and competencies: 

• Solid understanding of security protocols, security attack pathologies, cryptography, authentication, authorization and best practices. 
• Excellent knowledge of the Common Vulnerability Scoring System (CVSS) and its application.
• Familiar with ISO 2700x frameworks and risk assessment/treatment.
• Familiar with EU Cyber Resilience Act.
• Familiar with OWASP project (Top 10, ASVS, SAMM, …).
• Knowledge of Embedded devices is a plus.
• Working knowledge of Python, C++ and JavaScript (Rust  is a bonus). 

Soft Competencies: 

• Highly motivated individual with a genuine enthusiasm for information security and technology. 
• Eager to stay up to date with latest technologies. Good verbal and written communication skills in English.
• Good presentation, facilitation, and interaction skills, including ability to effectively communicate risks, issues and concepts to multiple organization levels.
• Ability to prioritize workloads and to know when to seek guidance. 

What We Offer:

• An opportunity to work with a global leader in technology and innovation.
• A collaborative and inclusive work environment that values your contributions.
• Professional growth and development opportunities.
• Competitive compensation and benefits package.

Our Culture: At Barco, our culture is centered around customer orientation, winning collaboration, and impactful innovation. We are committed to "Visioneering a bright tomorrow" and believe in the power of passionate employees to create meaningful change.

Join Us: If you are passionate about making a difference and want to be part of a forward-thinking company that values innovation and excellence, we invite you to apply for the Product Security Architect position. Together, we can shape the future of technology and create a better world.