Product Security Lead
Indexed description
As the Product Security Lead of Materialise Software, you will be accountable for the overall security posture and regulatory compliance of our products. You translate complex security regulations, customer expectations, and risk into clear decisions, priorities, and trade-offs, enabling product and engineering teams to deliver securely at scale. You own the security outcomes and risk decisions, not day-to-day security implementation.
What you will do
Key Accountabilities And Core Responsibilities
- Overall product security posture across our portfolio (CO-AM Platform, Magics)
- Interpretation of security legislation, standards, and customer requirements (e.g., ISO 27001, NIS2, NIST-based frameworks)
- Definition of product security objectives and non-functional requirements
- Explicit risk acceptance and exception management
- Product security strategy, roadmap, and prioritization
- External security posture towards customers, auditors, and regulators
Regulation and risk
- Assess the applicability of security regulations and standards
- Define pragmatic compliance intent and scope
- Identify, document, and accept residual product security risks[
- Ensure risks and exceptions are explicit, time-bounded, and owned
Strategy and alignment
- Define and maintain a product security strategy aligned with business goals
- Translate regulatory and risk drivers into a prioritized security roadmap
- Align security priorities with product and engineering planning cycles
Cross-functional leadership
- Partner closely with the:
- Product Management Team on roadmap alignment and customer commitments
- Engineering Management Team on delivery realities and investment trade-offs
- DevSecOps Lead on platform-level security objectives
- Security Architect on translating intent into secure designs
- CISO to align product security decisions with enterprise risk posture and regulatory obligations where applicable
- Act as an escalation point when security, product, and delivery priorities conflict
- Support the Engineering Delivery teams and Security Champions, such as improving their understanding of the security checklist
Governance and external trust
- Review security metrics and evidence produced by security engineering
- Support audits, certifications, and customer security assessments
- Represent the company’s product security posture externally when required
What this role does not do
- Design detailed system architectures
- Build or operate security tooling
- Review code or manage vulnerabilities day-to-day
- Directly manage security champions or software engineers
Your profile
Required Skills And Experience
- Strong understanding of product and cloud security in modern DevOps environments
- Experience working with security regulations and frameworks (ISO 27001, NIS2, SOC 2, NIST, FedRAMP, or similar)
- Proven ability to make and defend risk-based decisions
- Credibility with senior engineering and product stakeholders
- Clear written and verbal communication, especially around trade-offs
Experience profile
- 8+ years in software engineering, product security, or security leadership roles
- Experience in product-centric, engineering-driven organizations
- Exposure to regulated environments is strongly preferred
Success looks like
- Security expectations are clear and predictable for product and engineering
- Risk acceptance is explicit, documented, and rarely escalated late
- Engineering teams ship securely by default using platform guardrails
- Audits and customer security reviews are uneventful and well-prepared
Location and type of contract
- Leuven, Belgium; Barcelona, Spain
- Full-time
- Hybrid
- Mid-senior level
- CV in English
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search