Principal Security Architect (Security Products) – São José dos Campos, Brasil (1 of 2)

Empresa: Johnson & Johnson

Descrição da vaga: Johnson & Johnson is currently seeking a Principal Security Architect – Security Products to join our ISRM team located in San Jose Dos Campos.At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more atFor more than 130 years, diversity, equity & inclusion (DEI) has been a part of our cultural fabric at Johnson & Johnson and woven into how we do business every day. Rooted in Our Credo, the values of DEI fuel our pursuit to create a healthier, more equitable world. Our diverse workforce and culture of belonging accelerate innovation to solve the world’s most pressing healthcare challenges.We know that the success of our business – and our ability to deliver meaningful solutions – depends on how well we understand and meet the diverse needs of the communities we serve. Which is why we foster a culture of inclusion and belonging where all perspectives, abilities and experiences are valued and our people can reach their potential.At Johnson & Johnson, we all belong.This position involves shaping & defining global in-depth security product architectures, embedded in the security technology squads the principal is assigned to, leading evaluations of new technologies and solution section decision rights, act as a trusted advisor to technology vendors and service providers worldwide, building and maintaining strong relationships to ensure effective global communication, contract management, and vendor relationship management.Role:The Principal Security Architecture – Security Products is responsible for providing leadership and expertise in shaping the global security product architectures. One of their primary responsibilities is collaborating with product squads to identify and implement robust security technology solutions. They work closely with these teams to understand their specific security needs and requirements, and then develop architecture plans and strategies to address those needs effectively.The Principal Security Architecture – Security Products participates actively and directly within ISRM product squads to define the direct the overall technology architecture (enterprise, solution, and technical levels) to ensure effective and efficient protection is in place across all key product areas. This role combines technical expertise, strategic thinking, leadership, and collaboration skills to define and partner within the product squads an integral member of these teams to ensure these robust security technology solutions are implemented on a global scale. The Principal Architect will play a crucial role in leading the specifical product areas that he/she is responsible for as an embedded squad member representing security architecture domain and working collaboratively with cross-functional stakeholders worldwide to ensure the successful design, implementation, and optimization of security technology products.The Principal Architect, Security Architecture – Security Products will develop and execute the global strategic vision for the security technology products he/she is aligning to with the overall security strategy and ensuring global business objectives. The Principal Architect will provide visionary leadership to the security technology products squad, setting clear architectural goals and defining priorities.The Principal Architect, Security Architecture – Security Products will (in partnership with product squads) provide the leadership role in new technology selection, providing global technical assessment, proof-of-concept, and vendor evaluation processes to select and drive the implementation of security technology products that best meet the global security strategy needs.QualificationsRequired:

• Bachelor’s degree in computer science, Information Security, or a related field.
• Minimum of 12 years of experience in information security technologies with a minimum of 5+ years of related Information Security Risk Management SME experience or a combination of 15+ years of combined experience
• In-depth Knowledge of Security Frameworks and Standards

o A strong understanding of various security frameworks and standards, such as ISO 27001, NIST Cybersecurity Framework, CIS Controls, and SOC2.o Familiarity with industry-specific security standards, regulations, and requirements, (e.g., PCI DSS, HIPAA, GDPR, GxP etc.).

• Proficiency in Security Architecture and Design:

o Knowledge and experience in designing and implementing secure architectures for complex systems, networks, and applications.o Understanding of secure coding practices and secure software development life cycle (SDLC) methodologies.

• In-depth and practical Knowledge across key Security Technologies

o Comprehensive knowledge of a wide range of security technologies, tools, and solutions, including firewalls, intrusion detection/prevention systems, encryption, identity, and access management (IAM), vulnerability management, endpoint protection and cloud security technologies, including Secure Access Service Edge (SASE), Cloud Access Security Brokers (CASB), and Cloud Security Posture Management (CSPM).

• Strong knowledge of security products and solutions available in the global market, with the ability to assess their suitability for enterprise-wide needs.
• Knowledge of security audit methodologies, controls testing, and remediation planning.
• Excellent written and verbal communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
• Strong collaboration and influencing skills, with the ability to work effectively with cross-functional teams and senior leadership.
• A strong commitment to staying updated with the latest industry trends, security research, emerging threats, and evolving standards.
• Demonstrated ability to adapt to changing security landscapes, evolving technologies, and new regulatory requirements.
• Strong analytical and problem-solving skills, with the ability to identify potential security risks or weaknesses and develop effective strategies for mitigation with the ability to collaborate effectively with technical and non-technical stakeholders.
• Effectively works with virtual, global teams – including diverse groups of people with varied backgrounds and cultural experiences.

Preferred Qualifications:

• MS and/or advanced degree preferred.
• Certifications in related areas (e.g. SANS GPEN/GWAPT/GXPN, OSCP, CEH) are a plus
• AWS Certifications – AWS Solutions Architect (Associate), AWS Security Specialty are a plus
• Core understanding of IP Networking, routing, VPNs.
• Some visualization tool knowledge (i.e., Tableau, Power BI)
• GxP background an asset (desirable, but not required)

Localização: São José dos Campos – SP