Help shape and strengthen the security foundation at VELUX 

We are looking for a Cybersecurity Architect to join our cybersecurity team and play a key role in shaping how security is built into our technology landscape. 

This is a role for someone with broad cybersecurity knowledge and strong architectural thinking, combined with deeper expertise in either Identity and Access Management (IAM) or DevSecOps.

You will help define the technical direction for cybersecurity, support major strategic initiatives, and work closely with colleagues across IT and the business to ensure security is built in from the start. 

You will be part of a team working to strengthen cybersecurity across the VELUX Group through clear architecture principles, practical guidance, and continuous improvement. The role combines long-term roadmap ownership with hands-on involvement in strategic projects and technical decision-making. 

What you will be doing 

As Cybersecurity Architect, you will help define and drive the technical cybersecurity roadmap and ensure that security architecture supports both business priorities and the wider cybersecurity strategy. 

Your responsibilities will include: 

• Owning and driving the technical cybersecurity roadmap 

• Acting as a cybersecurity subject matter expert in strategic initiatives and transformation programmes, such as cloud security initiatives and regulatory implementation projects  

• Defining and maintaining security architecture principles, standards, and reference patterns 

• Providing architectural guidance across key cybersecurity domains, including identity, cloud, application, infrastructure, data, and network security 

• Bringing deep expertise in either: 

• IAM, including identity architecture, authentication, authorisation, privileged access, federation, and lifecycle management, or 

• DevSecOps, including secure software delivery, CI/CD security, automation, code scanning, secrets management, and infrastructure-as-code security 

• Contributing to the development of the wider cybersecurity strategy and helping turn strategy into actionable technical plans 

• Driving technical cybersecurity improvement initiatives across the organisation  

• Working closely with enterprise architects, infrastructure teams, cloud teams, application teams, and risk and compliance stakeholders to embed security by design 

• Reviewing solution designs and major change initiatives to ensure alignment with security architecture principles 

• Monitoring trends, threats, and new technologies to continuously improve the organisation’s security capabilities 

• Maintaining clear architecture documentation, roadmaps, and design standards 

What we are looking for 

We are looking for someone who can combine strategic thinking with practical architectural guidance.

You should be comfortable working across a broad cybersecurity landscape while also bringing deeper expertise in either IAM or DevSecOps. 

We expect that you bring: 

• Experience working in cybersecurity, with a strong background in security architecture, security engineering, or a similar technical role 

• Broad knowledge across multiple cybersecurity domains and the ability to assess end-to-end security impacts across systems, platforms, and applications 

• Experience designing and implementing security architecture in cloud environments, ideally Azure 

• Understanding of cybersecurity frameworks, standards, and relevant regulatory requirements (e.g. Cyber Resilience Act) 

• Experience supporting major technology or transformation programmes as a trusted security advisor 

• Ability to define target-state architectures, roadmaps, and transition plans 

• Understanding of secure architecture principles across cloud, hybrid infrastructure, enterprise applications, APIs, and data platforms 

• Strong communication and stakeholder management skills, with the ability to work across both technical and non-technical teams 

• A pragmatic and risk-based approach to security decision-making