• Develop and maintain the overall security architecture strategy and consistent reference architectures across cloud and global data centers. • Lead Threat Modeling and Risk Assessments for vendor technologies and complex system integrations. • Serve as a technical security consultant for product development teams, ensuring security is integrated into product roadmaps. • Partner with the Data Governance team to define and implement modern data protection standards across all Nielsen environments. • Architect the next iteration of Nielsen’s Security Service Edge (SSE), including device posture, access control, and micro-segmentation strategies. • Collaborate with Cybersecurity, Network Operations, and Cloud Operations teams to prioritize work based on risk profiles and threat models. • Support vendor relationships for cybersecurity technologies and lead root cause investigations during technical defects.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description This role involves protecting sensitive data and ensuring compliance with security standards. - Develop and maintain security controls - Manage incidents - Align the organization's security strategy with business objectives - Collaborate with different departments to foster a culture of information security Qualifications - Bachelor's degree in related fields: Computer Science, Information Systems, Computer Engineering, Computer Networks, Security of Information, or related areas - Desirable postgraduate degree or specialization in Information Security, LGPD, or Risk Management - Desired certifications: ISO/IEC 27001 Lead Implementer or Auditor, ITIL Foundation or higher, CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) - Experience in Information Security with a focus on policy definition and documentation, audits, and risk assessments Requirements - Solid knowledge of information security standards and frameworks (LGPD, ISO 27001, NIST CSF, COBIT, ITIL, etc.) - Ability to develop and maintain organizational security controls - Understanding of corporate risk management related to IT and cybersecurity - Experience in incident management, particularly cyber incidents from a procedural and regulatory standpoint - Familiarity with GRC (Governance, Risk, and Compliance) tools is a plus Benefits - Health Plan - Dental Plan - Life Insurance - Child care assistance - Transportation allowance - Meal or food allowance - Benefits Club - Access to Wellhub - Consultation with an online personal trainer

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description This role involves directing the development, implementation, and management of effective security strategies at multiple DES facilities in assigned areas of responsibility. - Develops, implements, and maintains security processes, practices, and policies to reduce risks and respond to critical incidents. - Assists in mitigating security situations involving contract security personnel, employees, and/or clients. - Identifies witnesses, liaises with law enforcement and/or emergency personnel as necessary, and assists in investigative activities. - Directs the workflow for the security staff within the assigned region and reviews post orders at various facilities. - Establishes training programs and provides instruction for security personnel. - Performs physical security spot checks at facilities to ensure compliance with all applicable policies, standards, and contract requirements. - Oversees the tracking and trending of employee and visitor security. - Conducts security assessments of assigned facilities in the field. Qualifications - Knowledge of federal, state, and local laws relating to security, law enforcement, search and seizure, arrest, and use of force procedures. - Effective management and leadership skills. - Understanding complex written documents and policies. - Ability to establish effective working relationships, both internal and external to the Department. Requirements - Travel required for State business. - Must complete any required driver training and have an acceptable driving record. - Must successfully pass background and reference checks. - Must have a valid Level One fingerprint clearance card. - Must obtain ACJIS Terminal Operator Certification within 30 days of hire. Benefits - Affordable medical, dental, life, and short-term disability insurance plans. - Participation in the Arizona State Retirement System (ASRS) and long-term disability plans. - 10 paid holidays per year. - Paid vacation and sick time. - Paid Parental Leave - Up to 12 weeks per year paid leave for newborn or newly-placed foster/adopted child. - Deferred compensation plan. - Wellness plans. - Tuition Reimbursement. - Stipend Opportunities. - Infant at Work Program. - Rideshare and Public Transit Subsidy. - Career Advancement & Employee Development Opportunities.

• Secure Products & Infrastructure: Design, implement, and maintain security controls across applications, infrastructure, and CI/CD pipelines. • Embed security requirements aligned with SOC 2, ISO 27001, and internal standards. • Drive adoption and operationalization of SAST, DAST, container scanning, IaC security, and dependency analysis tooling. • Integrate automated security testing into the SDLC to enable secure-by-design development. • Offensive Security & Vulnerability Management: Lead application security reviews, threat modeling, vulnerability assessments, and penetration testing. • Validate and prioritize findings based on exploitability and business impact. • Partner with engineering teams to ensure timely, measurable remediation. • Proactively identify and demonstrate security weaknesses to improve overall product resilience. • Incident Response & Risk Reduction: Support investigation of product and infrastructure security incidents. • Contribute to root cause analysis and durable remediation strategies. • Identify systemic control gaps and implement long-term risk mitigation measures. • Compliance & Assurance: Support product-level security reviews and audit activities. • Coordinate evidence collection and control validation for SOC 2, ISO 27001, and enterprise requirements. • Translate compliance requirements into actionable engineering controls. • Cross-Product Security Leadership: Develop and maintain security expertise across multiple Mirantis products. • Standardize security practices and tooling across teams. • Strengthen program scalability and reduce single-point-of-failure risk. • Security Advocacy & Enablement: Champion secure design principles and modern application security practices. • Provide actionable guidance during architecture and code reviews. • Drive continuous improvement and automation across the SDLC.