Loading...
Share this Job

VP, Product Security

Apply now »

Date: Sep 23, 2021

Location: Offsite, FL, US

Company: Nielsen

VP, Product Security - 103741

Legal - USA Offsite, Offsite 

 

Overview

Nielsen, the leading company in advertising measurement and outcomes, is searching for an exceptional candidate to lead its Product Security organization.  As Nielsen constantly innovates to maintain its leadership in an ever-evolving marketplace, it's Vice President of Product Security will ensure that Nielsen's platforms and applications are built securely.

 

The VP of Product Security leads a team focused on secure software development and cloud security through strong integration and "shifting left" of best security practices in the DevSecOps lifecycle.  

 

A strong candidate for this role will need to maintain a strong understanding of evolving business needs, build a culture of security in software engineering, and partner with DevOps teams to productize scalable security controls.

 

Responsibilities
Application and Platform Security

  • The VP, Product Security will lead Nielsen’s security strategy for our go-to-market products and platforms. In joint collaboration with Product Leadership, DevOps and Engineering teams, the VP of Product Security shall lead the product security team to:
    • Embed security measures into the product and software development lifecycle 
    • Develop a rigorous standard for threat modeling products and applications
    • Implement static and dynamic security analysis measures throughout the software development lifecycle
    • Maintain an effective penetration testing program
    • Partner with the SOC to establish application security logging and monitoring capabilities
    • Define scalable Cloud Security architectural patterns and templates
    • Enhance Cloud Security posture through tooling, automation, and other means
    • Develop Cyber risk profiles for each Nielsen product that include risk mitigation strategies
    • Ensure that DevOps teams are effectively and actively managing application vulnerabilities.
    • Provide expert cybersecurity and DevSecOps consulting to internal Nielsen teams


Cybersecurity as a Product
Nielsen is committed to a DevOps culture where best security practices are integrated, understood, and thrive--resulting in true DevSecOps. This is achieved through the utilization of modern technologies to automate security controls. As a Cloud-first organization, we operate and develop in an ecosystem where deployment and CI/CD pipelines can embed security measures that can achieve speed and scalability through technology. The VP of Product security will lead the Product Security team and collaborate with DevOps teams to:

  • Build “security as code” that prevents and automates away common cloud misconfigurations based upon insights from Cloud Posture Management tools
  • Build “Known Secure” reusable components (such as common authentication, for example) that enable engineering teams to quickly bring products to markets efficiently.

 

Engineering & Developer Partnership
To effect and maintain a culture of security within Nielsen’s engineering, technology, software development, business and operations teams, the VP of Product Security with the Product Security team must:

  • Maintain and open, collaborative, and consultative culture supported by outreach and education
  • Serve as the “Trust Officer” for not only internal organizations, but for clients and partners as it pertains to Nielsen’s cybersecurity practices and application security 
  • Partner with teams early and proactively
  • Share knowledge and actively bridge relationships into other verticals in the Cybersecurity organization
     

 Qualifications 

  • 8+ years of experience in application,product, and general cyber security with sufficient knowledge of modern DevSecOps technologies such as:
    • Containers (Docker, Kubernetes, etc.)
    • Infrastructure as code (Docker, Ansible, Chef, Terraform, etc.)
    • Continuous integration / Continuous Deployment (Jenkins, etc.)
    • Integration of Security testing tools into pipeline
    • Defect and Issue tracking (Jira, ServiceNow etc.)
    • Source code management (GitLab, Github, BitBucket, etc.)
    • QA Testing tools (nUnit, jUnit, Selenium, Cucumber, etc.)
    • Application security testing tools (SAST, DAST, IAST, OSA, etc.)
    • Cloud Posture Assessment Tools
    • Cloud configuration Drift Detection
    • Unix, Linux, and Windows 
    • Cloud environment (AWS, Azure, GCP, etc)
  • 5+ years of experience managing application and product security teams
  • Excellent written and verbal communication skills, with the ability  to communicate security objectives and concepts to engineering and business teams
  • Understanding of application and product architectures, programming languages, web application stacks, and SDLC pipelines
  • Extensive experience defining, developing and implementing secure architecture standards, policies, KRI/KPIs, process and procedures,have critical thinking and take an analytical and logical approach to problem-solving,self-motivator and keep learning attitude and forward-leaning security mindset; proactively tackles issues and keeps work moving forward
  • Strong communication and interpersonal skills; capable of understanding business needs and translating them into architectural standards/diagrams; able to translate complex data and architectural concepts and principles into easily-understanding information by LOBs; ability to design and deliver architectural presentations to IT, senior leadership, and business partners
  • Must have proven experience communicating with, and influencing senior business and technology leaders.
  • Deep understanding of security for computing platforms across a Hybrid Cloud Environment (IaaS, PaaS, SaaS, legacy on-prem models).
  • Industry related certification such as Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Ethical Hacker (CEH), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Security Professional (CISSP) are valued.

#LI-LE1

 
 

ABOUT NIELSEN

By connecting clients to audiences, we fuel the media industry with the most accurate understanding of what people listen to and watch. To discover what audiences love, we measure across all channels and platforms⁠—from podcasts to streaming TV to social media. And when companies and advertisers are truly connected to their audiences, they can see the most important opportunities and accelerate growth.

 

Do you want to move the industry forward with Nielsen? Our people are the driving force. Your thoughts, ideas and expertise can propel us forward. Whether you have fresh thinking around maximizing a new technology or you see a gap in the market, we are here to listen and take action. Our team is made strong by a diversity of thoughts, experiences, skills, and backgrounds. You’ll enjoy working with smart, fun, curious colleagues, who are passionate about their work. Come be part of a team that motivates you to do your best work!  

Nielsen is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, protected veteran status or any other protected class.

Job Type: Regular 

Primary Location:  Offsite,Offsite 

Secondary Locations: FL - Tampa - Oldsmar, , , 

Travel:  No