Empresa: Johnson & Johnson
Descrição da vaga: At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more atFor more than 130 years, diversity, equity & inclusion (DEI) has been a part of our cultural fabric at Johnson & Johnson and woven into how we do business every day. Rooted in Our Credo, the values of DEI fuel our pursuit to create a healthier, more equitable world. Our diverse workforce and culture of belonging accelerate innovation to solve the world’s most pressing healthcare challenges.We know that the success of our business – and our ability to deliver meaningful solutions – depends on how well we understand and meet the diverse needs of the communities we serve. Which is why we foster a culture of inclusion and belonging where all perspectives, abilities and experiences are valued and our people can reach their potential.At Johnson & Johnson, we all belong.We are searching for the best talent for Principal Security Architect to be in São José dos Campos – SP.Purpose:The Principal Security Architect – Security Products is responsible for providing leadership and expertise in crafting the global security product architectures. One of their primary responsibilities is collaborating with squads to identify and implement robust security technology solutions! They work closely with these teams to understand their specific security needs and requirements, and then develop architecture designs, plans and strategies to address these efficiently.The Architect participates actively and directly within ISRM product squads to define the direct the overall technology architecture (enterprise, solution, and technical levels) to ensure effective and efficient protection is in place. This role combines technical expertise, critical thinking, leadership, and teamwork skills to define and partner within the product squads an integral member of the teams to ensure these robust security technology solutions are implemented on a global scale. They will be a crucial role in owning the specific product area(s) they are responsible for as an embedded squad member representing security architecture domain and working collaboratively with multi-functional partners worldwide to ensure the successful design, implementation, and optimization.The Architect will develop and partner on the global strategic vision owning for the security technology products they are aligning to with the overall security strategy. The individual will provide progressive thinking and leadership to the squad, setting clear architectural goals and defining investment and work effort priorities.The Architect, will (in partnership with product squads) provide the leadership role in new technology selection, providing global technical assessment, proof-of-concept, and vendor evaluation processes to select and drive the technology selection that best meet the strategy needs.You will be responsible for:
- Security Technology Planning and Design:
Partners with engineering and operational squad members to lead the planning, design, and implementation of technologies within assigned product squads. Ensuring alignment with global standard methodologies and regulatory requirements. Stay updated on emerging trends and technologies, lead global assessments and vendor evaluations, and collaborate with teams to integrate security needs into technology initiatives. Assist with communication plans, policy integration, compliance monitoring, and provides mentorship to promote security standard methodologies.
- Security Technology Governance & Product Performance and Optimization:
Communicates and ensures global security standards, leads governance processes, collaborates with the product security squad team, and provides independent insight into the performance and efficiency of technologies in production. Provide input to metrics, evaluate the security landscape, and identify areas for improvement and innovation.
- Collaboration with Office of the CTO and Councils:
Engages with technology teams and standards councils to validate and peer review technical security standards. Provides input and insights into the development and improvement of the company’s security policies, standards, and architecture.
- Analyses and Evaluates Technology:
Understands technology trends and their application to enable business models. They guide technology investment decisions, measure, and demonstrate enterprise technology value, design governance activities, coordinate technology selection, and assess organizational and financial impacts.
- Security Architecture and Design:
Collaborates with security product teams and architecture team to craft and implement robust security controls, establish secure network architectures, identity management protocols, encryption mechanisms, and logging/monitoring systems, and recommends and implements corrective measures to address security risks.QualificationsEducation:
- Bachelor’s degree in computer science, Information Security, or a related field.
Experience and Skills:Required:
- Advanced English
- Proven track record in information security technologies with a minimum of 5+ years of related Information Security Risk Management SME experience or a combination of 15+ years of combined experience
- A solid grasp of various security frameworks and standards, such as ISO 27001, NIST Cybersecurity Framework, CIS Controls, and SOC2.
- Familiarity with industry-specific security standards, regulations, and requirements, (e.g., PCI DSS, HIPAA, GDPR, GxP etc.).
- Proficiency in Security Architecture and Design
Preferred:
- Knowledge and experience in designing and implementing secure architectures for sophisticated systems, networks, and applications.
- Extensive knowledge of a wide range of security technologies, tools, and solutions, including firewalls, intrusion detection/prevention systems, encryption, identity, and access management (IAM), vulnerability management, endpoint and cloud security technologies, including Secure Access Service Edge (SASE), Cloud Access Security Brokers (CASB), and Cloud Security Posture Management (CSPM).
Other:
- Strong collaboration and influencing skills; works effectively with cross-functional teams and senior leadership.
- A strong dedication to staying updated with the latest industry trends, security research, emerging technology. Solid grasp of security products and solutions available in the global market, and assess their suitability for enterprise-wide needs.
- Knowledge of security audit methodologies, controls testing, and remediation planning.
- Excellent written and verbal communication skills, with the ability to convey sophisticated technical concepts to both technical and non-technical partners.
- Demonstrable ability to adapt to changing security landscapes, emerging technologies, and new regulatory requirements.
- Strong analytical and problem-solving skills, identify potential security risks or weaknesses and develop effective strategies for mitigation
- Efficiently works with virtual, global teams – including diverse groups of people with varied backgrounds and cultural experiences.
·<10% Travel requirement
Localização: São José dos Campos – SP
