Security Architect

Embed security by design across software, cloud, and connected products - powering a secure energy transition.

Your role

As Security Architect, you play a pivotal advisory role in shaping secure-by-design architectures across our digital products, cloud platforms, data solutions, and connected hardware such as cloud connected heat pumps. You act as the technical expert for security roadmaps, ensuring alignment with evolving European regulations such as the Cyber Resilience Act, RED Delegated Act, and Data Act. By guiding architecture decisions, managing security-related dependencies and timelines, and supporting clear communication across teams, you help ensure that our solutions remain compliant, resilient, and ready for the future.

This is a hybrid role, based out of Apeldoorn, the Netherlands. You are invited to work on-site at the office for a minimum of one day per week, preferably two. We support your home office set-up, travel costs, and provide flexibility regarding hybrid work.

Your team

You will join the Digital & Controls (DaC) team at BDR Thermea Group/BDRThermeaGroup, a diverse, international group of engineers, architects, and product leaders working at the intersection of software, hardware, and data. Together, the team develops secure digital platforms, connected products, and IoT-enabled heating and cooling solutions that support our ambition to accelerate the energy transition.

You will collaborate closely with security, architecture, and business stakeholders across the Netherlands and Europe, including Group Information Security, in an environment where knowledge sharing, partnership, and long-term impact are valued.

Your key tasks

• Define and implement security architecture standards aligned with business and regulatory requirements, including the RED Delegated Act and the Cyber Resilience Act (CRA).
• Collaborate with development teams and other stakeholders in the Digital and Controls (DaC) Business Unit to ensure secure design choices and integrate security by design into solution development, from concept to deployment.
• Actively participate in the architecture community in DaC and bring security top-of-mind to the architects’ work across (embedded) software, cloud platform, and hardware development.
• Maintain awareness of emerging threats and evolving attack vectors.
• Work closely with the Group Information Security Officer to align security strategies and governance and to conduct risk assessments and threat modelling for new and existing systems.
• Foster cross-domain collaboration and actively engage with international teams to ensure consistent security practices across the organisation.

What you bring

• At least 5 years of experience in Information Security, as a Security Architect, Senior Security Engineer or in a similar role with a focus on product, app, and cloud security for complex systems.
• Strong knowledge of security frameworks (e.g., ISO 27001, NIST, OWASP) and European regulatory requirements such as the RED Delegated Act and the Cyber Resilience Act (CRA).
• Expertise in threat modelling, secure coding, security architecture and risk management.
• Familiarity with cryptography and secure software practices (e.g. secure boot, OTA, SBOM, mobile apps & cloud security).
• Solid communication skills in English and ability to work effectively in international, cross-functional teams.
• Ability to translate complex security concepts into actionable guidance for technical and non-technical stakeholders.
• A proactive mindset and passion for contributing to the energy transition.
• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Preferably, you also bring:

• Experience with embedded systems and/or electronics.
• Experience with cloud services and wireless standards (e.g. BLE, 4G/5G, Wi-Fi, ZigBee/Matter).

What we offer

• A permanent contract.
• Solid monetary compensation and a strong pension package.
• A healthy work-life balance with 40 holiday days per year (27 of your own choosing plus 13 office closure days), based on a full-time contract.
• Flexible home-working policies and a home-office budget.
• Discounts on our products and insurances.
• The opportunity to join a company in the heart of the energy transition and build a flourishing career.

About the company

At BDR Thermea Group/BDRThermeaGroup, we bring the energy transition closer every day. Serving customers in more than 100 countries with a diverse team of 7,000, we are united by a shared mission to create a sustainable future through smart indoor climate solutions.