Security Architect

Our mission

Better healthcare outcomes depend on data that is not only accurate and connected, but trusted and protected. LOGEX holds financial, operational, clinical and pathway data for healthcare providers across Europe — some of the most sensitive data there is. Keeping it secure is not a compliance afterthought; it is core to the trust our customers place in us.

This is a hands-on role. You will not just design security — you will build it, fix it and operate it.

The role

LOGEX is a growing, acquisitive healthcare-analytics business, and our security maturity needs to catch up with the value and sensitivity of the data we hold. We are not looking for a high-level corporate or enterprise architect who works only at the level of frameworks and diagrams. We are a focused organisation that needs a practitioner: someone who sets clear security architecture and standards and then rolls up their sleeves to implement them.

As a Security Architect, you will report directly to the Head of Information Security & Compliance and define how security is built into our platforms, pipelines and cloud environment — and you will be deeply involved in making it real. Your working context is focused on software and data engineering: you will work shoulder-to-shoulder with our software and data engineering teams, embedding secure-by-design practice, closing concrete gaps, and raising the baseline across a distributed, multi-country engineering organisation. Your success is measured in risks actually reduced and controls actually shipped, not in documents produced.

What you will own

Security architecture and standards. Define practical, enforceable security architecture, patterns and standards for LOGEX’s platforms, applications and cloud — and keep them grounded in what engineers can actually implement.

Secure-by-design in the SDLC. Embed security into the software development lifecycle — threat modelling, secure coding guidance, code and design review, and security gates in CI/CD that engineers can live with.

Cloud and platform security. Own the hands-on hardening of our cloud environment and platform — identity and access, network segmentation, secrets management, encryption, configuration and posture.

Vulnerability and posture management. Drive the identification, prioritisation and remediation of vulnerabilities across the estate, working directly with engineering teams to close them, not just to log them.

Detection and response support. Help design and improve logging, monitoring and detection, and support incident response with practical, technical involvement when it matters.

Compliance by design. Translate the requirements of a regulated healthcare-data business (GDPR, ISO 27001 and similar) into concrete technical controls, in partnership with Information Security & Compliance, Legal and the DPO.

Your impact and responsibilities

• Define pragmatic security architecture, patterns and standards — and then help implement them hands-on

• Threat-model new and existing systems, and turn findings into concrete engineering work

• Harden the cloud environment and platform — IAM, network, secrets, encryption and secure configuration

• Embed security into CI/CD with practical gates, scanning (SAST/DAST/SCA) and secure-by-design guidance

• Drive vulnerability remediation end-to-end, working directly with engineers to close real issues

• Review designs, code and infrastructure-as-code for security, and pair with engineers to fix what you find

• Improve logging, monitoring and detection, and support incident response with hands-on technical depth

• Set and uphold secure-coding and secrets-handling standards across distributed teams

• Translate GDPR, ISO 27001 and customer security requirements into concrete technical controls

• Coach engineers on secure practice, raising the security baseline without becoming a blocker

• Help shape the security roadmap and prioritise the work that reduces the most risk first

Your profile
We are looking for a hands-on security practitioner who combines solid security architecture judgement with the engineering depth to implement it themselves.

Experience

• Strong experience in a hands-on security engineering or security architecture role, ideally in a software or cloud-native business

• A track record of designing security and then implementing it — not only producing architecture and policy

• Experience embedding security into engineering teams and the SDLC across distributed environments

• Experience working in regulated environments (healthcare, financial services or similar) is an advantage

Technical depth

• Strong, current cloud security skills (for example Azure or GCP) — IAM, network, secrets, encryption and posture

• Hands-on with application and platform security — threat modelling, secure coding, SAST/DAST/SCA and CI/CD security

• Practical experience with vulnerability management and concrete remediation, not just scanning and reporting

• Good scripting / coding ability (for example Python) and comfort with infrastructure-as-code

• Working knowledge of relevant standards (GDPR, ISO 27001, NIST, OWASP) and how to apply them in practice

• Conceptually strong — able to articulate and visualise security concepts clearly for both technical and non-technical audiences

• Ability to set clear security standards and challenge weak practice without becoming overly theoretical

Delivery and execution

• Strongly outcome-driven — measured by risks reduced and controls shipped, not documents produced

• Strong execution bias — turning security intent into practical, delivered improvements

• Experience leading through ambiguity and creating clarity where security maturity is still developing

Personal style

• Calm, credible and structured, with a strong focus on execution

• Hands-on and pragmatic; comfortable moving between architecture and detailed technical work

• A strong communicator who can guide engineers and explain risk to non-technical stakeholders

• Collaborative — raises the security bar by partnering with engineers, not policing them

• Willing to travel moderately across LOGEX’s locations

Why LOGEX?

• 25 vacation days (based on full-time employment) to recharge, with the option to purchase additional days

• An informal working environment with motivated colleagues

• The possibility to work in a hybrid setup

• A laptop and everything you need to set up a comfortable and ergonomic home office

• Personal and professional development opportunities through our LOGEX Academy

• Access to our mental health partner, OpenUp

• Regular after-work drinks and many more social events

Contact us!

You can apply via the button below and upload your CV. For more information, or in case you have any
questions, you can contact Wesley Schreuder at wesley.schreuder@logex.com

Our company is dedicated to building a workplace that promotes equity, diversity, and inclusion, and we believe that a diverse workforce is essential to our success. As we strive to create a workplace where everyone feels valued and respected, regardless of their culture, gender, sexual orientation, age, religion, or any other characteristic, we encourage everyone to apply.