Product Security Manager, Solution Services
Job Description
Our Cybersecurity team works diligently to ensure NielsenIQ’s software, hardware, and related components are protected from cyber-attacks. We’re constantly developing new security systems, analyzing current systems for vulnerabilities, and handling cyber-attacks in an efficient and effective manner worldwide.
As a Product Security Manager, Solution Services, you will be responsible for an end-to-end product security architecture for hybrid and multi-cloud environments. In this role, the ideal candidate will help define and build security strategy, roadmap, security reference architecture, governance, identity, and security maturity model. The position will involve working closely with various business units, technical and non-technical stakeholders to drive widespread cybersecurity programs and adoption. The position will also drive the innovation, evaluation, execution, and improvement of NIQ cyber security solutions/technologies to solve the security challenges throughout hybrid environments, on-premise, and in the clouds.
What you’ll do
Build NIQ’s security architecture strategy and roadmaps to support business objectives, use cases, risk assessments, gap analysis, and design a comprehensive adaptive security architecture model that reflects NIQ’s adoption of Zero Trust security principles
Lead the Solutions Services team to establish a strategic roadmap for product security architecture that includes end-to-end protections, identity, cloud, and application.
Build security maturity model for NIQ and its corresponding strategic plans and roadmaps to achieve realistic security goals through continuous security and continuous improvement mindset, processes, establish baseline security standards for cloud, data, application, identity, OS, network, web, mobile, and API stacks
Lead and collaborate the security architecture design review and change review processes and provide security consulting and/or approval to ensure that security architecture adequately addresses strategy plans, environmental changes, and proposed architecture designs
Proactively and systematically provide new security technology and capability recommendations based on the ever-evolving threat landscape, attack vectors, and cloud adoption and migration processes
Responsible for managing the product security platforms (tools and technology), support new initiatives, POCs, risk assessment, and critical applications/systems in an advisory capacity as a security SME
We’re looking for people who have
Bachelor’s degree in Computer Science; or 15+ years of equivalent experience. Advanced degree preferred
Experience with leading an information security architecture team in a complex, multi-faceted IT environment
Solid understanding of cloud providers’ native security offerings and capabilities, their well-architectured security frameworks, cloud adoption and migration best practices, and integration security reference architectures
Demonstrated breath of knowledge of information security pillars (Application, Network Security, key management/PKI, Vulnerability Management, IAM, SSO, Federation, application security testing, threat modeling, data encryption, endpoint protection, cloud security posture management, cloud workload protection, CASB, SIEM and continuous security monitoring, assessment, and response)
Experience working with container technologies (Docker, Kubernetes, Twistlock, Redlock) and serverless/microservices architecture in different cloud environments, understanding of SSDLC, DevOps, DevSecOps, and CI/CD pipeline
Strong communication and interpersonal skills; capable of understanding business needs and translating them into architectural standards/diagrams; able to translate complex data and architectural concepts and principles into easily-understanding information by LOBs; ability to design and deliver architectural presentations to IT, senior leadership, and business partners
Extensive experience defining, developing and implementing secure architecture standards, policies, KRI/KPIs, process and procedures,have critical thinking and take an analytical and logical approach to problem-solving,self-motivator and keep learning attitude and forward-leaning security mindset; proactively tackles issues and keeps work moving forward
Strong understanding of security architecture fundamentals (SABSA, OSA), security frameworks(ISO 27000, CSA, OWASP, and NIST), and setting best practices for creating processes to implement reusable security pattern.Thorough technical understanding of IAM, cloud, application and infrastructure technologies, services, and components, with practical design, implementation, and operations experience at an Enterprise scale
Strong technical experience with authentication architecture and implementation, including SSO, MFA, federation, including innovative modern authentication concepts such as passwordless, step-up, and adaptive behavioral authentication, Microsoft Active Directory and Azure Active Directory, including utilizing these technologies for authorization and authentication, knowledge with application security, cloud and identity security experience in a DevOps and multi-cloud (Azure, GCP, AWS) environments, automated testing tools, Azure DevOps or other development lifecycle apps, familiarity with the Agile methodology
The following certifications are desirable, but not mandatory: CISSP,CISSP-ISSAP, Azure/GCP/AWS Architect/Security certifications
Additional Information
All your information will be kept confidential according to EEO guidelines.
About NielsenIQ
NielsenIQ is a global measurement and data analytics company that provides the most complete and trusted view available of consumers and markets worldwide. We provide consumer packaged goods manufacturers/fast-moving consumer goods and retailers with accurate, actionable information and insights and a complete picture of the complex and changing marketplace that companies need to innovate and grow. Our approach marries proprietary NielsenIQ data with other data sources to help clients around the world understand what’s happening now, what’s happening next, and how to best act on this knowledge. We like to be in the middle of the action. That’s why you can find us at work in over 90 countries, covering more than 90% of the world’s population. For more information, visit www.niq.com.
NielsenIQ is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, protected veteran status or any other protected class.