Security Specialist focused on information security practices for Riachuelo's products and services. Design and implement secure systems architecture while mitigating risks and ensuring compliance.
Responsibilities
Ensure that information security rules and best practices are applied across all products and services offered and contracted by Midway.
Secure application design: responsible for developing and implementing application architectures that incorporate security principles from inception, ensuring protection against digital threats and compliance with security standards.
Apply methodologies to strengthen security during the early phases of the solution lifecycle, promoting the use of best practices across technology environments.
Act as the focal point for Midway's Board regarding information security matters.
Create and implement application architectures with a security-focused approach, applying Security by Design principles to protect applications and systems from conception.
Perform detailed analyses during application integration to identify and mitigate potential vulnerabilities, ensuring security across the solution architecture.
Update and maintain a comprehensive library of security controls and requirements, making it available as a reference for secure development and ensuring adherence to industry best practices.
Implement Threat Modeling during the analysis and planning phases of solutions, assessing risks to reinforce the security of application design.
Design robust security controls in system and solution architectures, aligning with frameworks such as CIS Controls, CSA CCM, NIST and ISO/IEC 27000 to maintain compliance with security standards.
Implement the Zero Trust concept and the Principle of Least Privilege within designed architectures, minimizing the risk of unauthorized access and promoting a proactive security posture.
Apply expertise in cloud computing platforms (Azure, GCP, OCI, SAP Cloud) and API solutions to create secure and scalable environments, aligning with specific cloud security requirements.
Requirements
Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Systems or related IT fields.
Information security certifications such as ISO/IEC 27001, ITIL, Security+ and product-specific security certifications.
Languages: Advanced English.
Advanced knowledge in:
SDLC (Software Development Life Cycle)
Threat modeling (STRIDE, MITRE ATT&CK)
Ability to interpret system architectures to identify information security risks and propose mitigations
Deep knowledge of operating systems, networks, data structures and cloud environments (AWS, GCP, Azure, OCI)
Sales Executive at Johnson Controls connecting businesses with security solutions and managing customer relationships. Expanding accounts and driving results in commercial security technologies.
Business Information Security Officer leading Cyber Security Risk & Control maturity at Coles. Collaborating closely with Customer & Digital team to enhance security frameworks and controls.
Enterprise Security Architect responsible for security architecture in Novartis' Digital Workspace. Collaborating with teams to ensure implementations meet security policies and industry standards.
Lead Product Security at Bupa, driving cybersecurity in digital products and cloud platforms. Oversee security frameworks, manage teams, and ensure compliance with industry standards.
IT Audit Senior managing client expectations and delivering detailed audit analyses and findings. Collaborating with management on IT audit engagements in a leading advisory firm.
Enterprise Security Architect specializing in Digital Workspace security at Novartis. Responsible for ensuring security standards and practices across IT functions and collaborating with various teams.
Cyber Security Engineer responsible for administering security tools and projects. Collaborating with stakeholders to ensure the overall Cyber Security of the firm.
Facility Security Officer responsible for developing and administering security programs for classified materials. Overseeing compliance with federal security regulations at the Rochester, NY site.
Security Support D managing security processes essential for classified operations. Focused on document control, compliance, and training within a regulated environment.
Intern supporting cybersecurity consulting with Guidehouse's federal clients. Engaging in hands-on projects and learning development opportunities within a structured internship program.