Skip to main content
Mars

Senior Security Architect

4w

Mars

São Paulo, BR · Full-time · BRL 250,000 – BRL 350,000

About this role

The Enabling Services SR Security Architect is responsible for defining, governing, and evolving security standards and reference architectures across Enabling Services, aligned with the Mars Cybersecurity Framework. This role ensures a consistent, risk-based, and secure-by-design approach across cloud, network, data protection, SRE, and infrastructure domains.

Day-to-day responsibilities include establishing governance models, leading threat modeling and risk assessments, and designing secure reference architectures for multi-cloud and hybrid environments. The architect enforces principles like least privilege, defense-in-depth, and zero trust while defining baseline security controls.

Working within the Enabling Services team, this role collaborates with SecOps, DevSecOps, and infrastructure teams to embed security into CI/CD pipelines and promote Infrastructure-as-Code security. The architect also defines requirements for logging, monitoring, SIEM integration, and incident response frameworks.

This position offers the opportunity to drive security automation, policy-as-code, and continuous compliance monitoring, enabling secure digital transformation and regulatory adherence. The architect will shape strategic security direction across a global organization.

Requirements

  • Expertise in cloud platforms (AWS, Azure, GCP), network security, infrastructure, and backup & DR.
  • Experience with observability tools (Azure Monitor, Datadog) and SIEM/SOAR capabilities.
  • Deep knowledge of security frameworks: NIST CSF, NIST 800-53, CIS, ISO 27001.
  • Proficiency in DevSecOps practices, Infrastructure-as-Code (IaC), automation, and SRE.
  • Strong strategic thinking and architecture mindset with ability to design scalable solutions.
  • Excellent stakeholder management and communication skills.
  • Ability to translate risk into actionable standards and guardrails.

Responsibilities

  • Define and maintain security standards, policies, and guardrails across Enabling Services.
  • Establish governance models defining roles, responsibilities, and accountability.
  • Lead threat modeling and risk assessments to identify and prioritize risks.
  • Design and govern secure reference architectures for cloud, network, IAM, encryption, and key management.
  • Define requirements for logging, monitoring, SIEM integration, and threat detection use cases.
  • Embed security into CI/CD pipelines using SAST, DAST, and SCA tools.
  • Define incident response frameworks and playbooks in collaboration with SecOps.
  • Enable continuous compliance monitoring and support audits and assessments.

Benefits

  • Hybrid work arrangement (as indicated in the posting)